General
Target: 90d315e1f02685be8a04b7a89da79968d6ad3275261b55d3c2877c3612400684
Size: 20.5MB
Sample: 240401-cp839sah8t
MD5: 5ecc15afe2f4f3499403c04ae8fa20a2
SHA1: 7546d3959a7069eeb58f12dbd426b1de3b61cfe2
SHA256: 90d315e1f02685be8a04b7a89da79968d6ad3275261b55d3c2877c3612400684
SHA512: e70ed0dd452d6ed9c9c396f9da2a96b8423bdfab097a29f5623678ed6e56d60de6b25dec7aff8544964ee45baf83efd7d7e998c970285b55140a7648c693c6f2
SSDEEP: 393216:3v9/9sJA35z7A79L+bm91mbgafiubccZ3bbT9i/zVN2I+TXYRiKpPbNiRSKcsuJM:f8JA35z7c5jLmbBffc+3hi/zVN2Iko4f

Behavioral task: behavioral1
Sample: 90d315e1f02685be8a04b7a89da79968d6ad3275261b55d3c2877c3612400684.apk
Resource: android-x86-arm-20240221-en

Behavioral task: behavioral2
Sample: 90d315e1f02685be8a04b7a89da79968d6ad3275261b55d3c2877c3612400684.apk
Resource: android-x64-arm64-20240221-en

Malware Config
Extracted
andrmonitor
https://anmon.name/mch.html
Targets
Makes use of the framework's foreground persistence service: the application may abuse the framework's foreground service to continue running in the foreground.
Acquires the wake lock.
Queries the unique device ID (IMEI, MEID, IMSI).
Reads information about the phone network operator.