15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d | Triage

Submit
Reports

Overview

overview

8

Static

static

6

15e5439975...2d.apk

android-9-x86

8

15e5439975...2d.apk

android-10-x64

8

15e5439975...2d.apk

android-11-x64

8

Sharing

General

Target

15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d.bin
Size

3.0MB
Sample

240423-1x1nvscd38
MD5

225785cd6b4dee46d8921b68e6947394
SHA1

303b37e927ac2973a1a247d60c65abd43a779e65
SHA256

15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d
SHA512

f5a129beffdf2131a5a1875b1497876e27bacde480137f7700c1eda98687ad335a55a357d58e6a510fd9be1150df8f8dcbbac8b3465e464d60138de20f573e9c
SSDEEP

12288:xTPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPJ:Kr

Score

8^/10

android collection credential_access discovery evasion impact persistence privilege_escalation stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d.apk

Resource

android-x86-arm-20240221-en

discovery evasion impact persistence privilege_escalation stealth trojan

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d.apk

Resource

android-x64-20240221-en

collection credential_access discovery evasion impact persistence stealth trojan

android-10-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d.apk

Resource

android-x64-arm64-20240221-en

collection credential_access discovery evasion impact privilege_escalation stealth trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d.bin
- Size
  
  3.0MB
- MD5
  
  225785cd6b4dee46d8921b68e6947394
- SHA1
  
  303b37e927ac2973a1a247d60c65abd43a779e65
- SHA256
  
  15e5439975308e17ec56ceeb2726dd5c17debde4433c094fabae29fd1660b12d
- SHA512
  
  f5a129beffdf2131a5a1875b1497876e27bacde480137f7700c1eda98687ad335a55a357d58e6a510fd9be1150df8f8dcbbac8b3465e464d60138de20f573e9c
- SSDEEP
  
  12288:xTPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPNwNPJ:Kr
Score

8^/10

discovery evasion impact persistence privilege_escalation stealth trojan collection credential_access
- Removes its main activity from the application launcher
  stealth trojan evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Tries to add a device administrator.
  privilege_escalation impact
- Acquires the wake lock
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistenceprivilege_escalationstealthtrojan

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistencestealthtrojan

behavioral3

collectioncredential_accessdiscoveryevasionimpactprivilege_escalationstealthtrojan

© 2018-2024

Terms | Privacy