General
-
Target
fe95855691cada4493641bc4f01eb00c670c002166d6591fe38073dd0ea1d001
-
Size
2.9MB
-
Sample
240410-shj4kacd37
-
MD5
0e9122e851abfa05a132b88b234d9bf3
-
SHA1
9f949b095c2ab4b305b2ea168ae376adbba72ffb
-
SHA256
fe95855691cada4493641bc4f01eb00c670c002166d6591fe38073dd0ea1d001
-
SHA512
e275096af659fe700245cd8d3953fd7fba613675af19108b26b8fe2073b45faf141a94901c601b2791fdee40c5ed3dc437dd1541d84a26aef53aeb9d70851aa5
-
SSDEEP
49152:Br5qyWl9vKOVTJKWJWs0p2NllLlFO6uRMA7YqyALoEdyqDVbgSw:lIym9SgTJKWUb6uYLkzDV0D
Malware Config
Targets
-
-
Target
fe95855691cada4493641bc4f01eb00c670c002166d6591fe38073dd0ea1d001
-
Size
2.9MB
-
MD5
0e9122e851abfa05a132b88b234d9bf3
-
SHA1
9f949b095c2ab4b305b2ea168ae376adbba72ffb
-
SHA256
fe95855691cada4493641bc4f01eb00c670c002166d6591fe38073dd0ea1d001
-
SHA512
e275096af659fe700245cd8d3953fd7fba613675af19108b26b8fe2073b45faf141a94901c601b2791fdee40c5ed3dc437dd1541d84a26aef53aeb9d70851aa5
-
SSDEEP
49152:Br5qyWl9vKOVTJKWJWs0p2NllLlFO6uRMA7YqyALoEdyqDVbgSw:lIym9SgTJKWUb6uYLkzDV0D
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device.
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-