General
-
Target
c17d5c8b8b68e6e574688e93b9c80e4cdcb15162614f465be0baecec0f261974
-
Size
4.2MB
-
Sample
240418-h263bsed84
-
MD5
00aa9900205771b8c9e7927153b77cf2
-
SHA1
b43094c27584f5e0fc5feaa5c621e56d7c2f3ccb
-
SHA256
c17d5c8b8b68e6e574688e93b9c80e4cdcb15162614f465be0baecec0f261974
-
SHA512
a19d2e339b25bea61b158bbd13f632793aeb4c3f20776793dd0bee15c4bd9283644d7915d55b46b6adf5803ca30651392dc6ccb40f843bdf0c72208fb70890d1
-
SSDEEP
98304:FZxlRoI9e3PxUjrBbuF1voH30PITIgN/S6zYx/EmZMRye0vLOYrlQEjLE:Huke3Px0u/QH70OYdEmGye0jLc
Malware Config
Targets
-
-
Target
c17d5c8b8b68e6e574688e93b9c80e4cdcb15162614f465be0baecec0f261974
-
Size
4.2MB
-
MD5
00aa9900205771b8c9e7927153b77cf2
-
SHA1
b43094c27584f5e0fc5feaa5c621e56d7c2f3ccb
-
SHA256
c17d5c8b8b68e6e574688e93b9c80e4cdcb15162614f465be0baecec0f261974
-
SHA512
a19d2e339b25bea61b158bbd13f632793aeb4c3f20776793dd0bee15c4bd9283644d7915d55b46b6adf5803ca30651392dc6ccb40f843bdf0c72208fb70890d1
-
SSDEEP
98304:FZxlRoI9e3PxUjrBbuF1voH30PITIgN/S6zYx/EmZMRye0vLOYrlQEjLE:Huke3Px0u/QH70OYdEmGye0jLc
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries account information for other applications stored on the device.
Application may abuse the framework's APIs to collect account information stored on the device.
-
Reads the contacts stored on the device.
-
Reads the content of photos stored on the user's device.
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Checks the presence of a debugger
-