General
-
Target
9146e0ede1c0e9014341ef0859ca62d230bea5d6535d800591a796e8dfe1dff9
-
Size
2.9MB
-
Sample
240410-pwz56afh88
-
MD5
5ef94cbc5a182cba6d65ec6884e98a21
-
SHA1
4f8145805eec0c4d8fc32b020744d4f3f1e39ccb
-
SHA256
9146e0ede1c0e9014341ef0859ca62d230bea5d6535d800591a796e8dfe1dff9
-
SHA512
ed8ce47c881bcb456026c5827fc5b9aeb9a412d709e5b9a60e247b9fc041a62ad7e29980007cfa5f960375960924901e95fef9d2d8d0f8a86d4c57ba2f68f90c
-
SSDEEP
49152:CCSq3bA25W0D04emo5SvbDuQmYs6uRMA7QqywT0EdyqDVpZfVJQ:5j3/I42SDFmLQLkzDVpfu
Malware Config
Targets
-
-
Target
9146e0ede1c0e9014341ef0859ca62d230bea5d6535d800591a796e8dfe1dff9
-
Size
2.9MB
-
MD5
5ef94cbc5a182cba6d65ec6884e98a21
-
SHA1
4f8145805eec0c4d8fc32b020744d4f3f1e39ccb
-
SHA256
9146e0ede1c0e9014341ef0859ca62d230bea5d6535d800591a796e8dfe1dff9
-
SHA512
ed8ce47c881bcb456026c5827fc5b9aeb9a412d709e5b9a60e247b9fc041a62ad7e29980007cfa5f960375960924901e95fef9d2d8d0f8a86d4c57ba2f68f90c
-
SSDEEP
49152:CCSq3bA25W0D04emo5SvbDuQmYs6uRMA7QqywT0EdyqDVpZfVJQ:5j3/I42SDFmLQLkzDVpfu
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device.
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-