e37dfe93dfa159c2388acd9219e4590dcdd906066ef2778d6f7c4beb4c12e2eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc7fd59810030b8988719dc7f1c929ef
Size

9.9MB
Sample

240315-27l4wsfc79
MD5

cc7fd59810030b8988719dc7f1c929ef
SHA1

6d7365ce8c30a2b109ecd06dc5bc1db94c2a0217
SHA256

e37dfe93dfa159c2388acd9219e4590dcdd906066ef2778d6f7c4beb4c12e2eb
SHA512

da6bd80158bebb16bf031ee975deeec66775f059cb1b389a704196809d68b822aa2b0e02f8a63c6132f5cb998fd0dea5341c10ec5a08995ab972288a104cfc17
SSDEEP

196608:JDWFwtYtIVS0QpxOs9wRu1YyKo4rtzJ3++YNQwkSn0j:JDcwqtyUN9wRsh4rFJ+hTkSnE

Score

8^/10

android collection discovery evasion

Malware Config

Targets

- Target
  
  cc7fd59810030b8988719dc7f1c929ef
- Size
  
  9.9MB
- MD5
  
  cc7fd59810030b8988719dc7f1c929ef
- SHA1
  
  6d7365ce8c30a2b109ecd06dc5bc1db94c2a0217
- SHA256
  
  e37dfe93dfa159c2388acd9219e4590dcdd906066ef2778d6f7c4beb4c12e2eb
- SHA512
  
  da6bd80158bebb16bf031ee975deeec66775f059cb1b389a704196809d68b822aa2b0e02f8a63c6132f5cb998fd0dea5341c10ec5a08995ab972288a104cfc17
- SSDEEP
  
  196608:JDWFwtYtIVS0QpxOs9wRu1YyKo4rtzJ3++YNQwkSn0j:JDcwqtyUN9wRsh4rFJ+hTkSnE
Score

8^/10

collection discovery evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Location Tracking

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasion

behavioral2