e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1 | Triage

Submit
Reports

Overview

overview

8

Static

static

6

e8a21dfdca...b1.apk

android-9-x86

8

Sharing

General

Target

e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1.bin
Size

975KB
Sample

240423-1xjekscd26
MD5

d62c4c00976a12f568b5ee1346ddde9c
SHA1

01b9eb1a2ece212553e1bf12d7c06988858317c3
SHA256

e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1
SHA512

3dbf58f6608f56744cff074ea32cbfa1e68096cdb6ede7e4df572a76da448a49dc4c302323e2b6786f5e0dbc175401c5cc8f08c012569ed97a7de51594a20803
SSDEEP

12288:2G61LtYY30M2upYS34vEs++0U4k1hlfDsKQ8HCbkmI19fIdszF/YjPTkhUMBmiei:2d1LtYc0M2uMMs+yDxbX+ce+lqPLhlc

Score

8^/10

android discovery evasion impact persistence privilege_escalation stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1.apk

Resource

android-x86-arm-20240221-en

discovery evasion impact persistence privilege_escalation stealth trojan

android-9-x86

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1.bin
- Size
  
  975KB
- MD5
  
  d62c4c00976a12f568b5ee1346ddde9c
- SHA1
  
  01b9eb1a2ece212553e1bf12d7c06988858317c3
- SHA256
  
  e8a21dfdcaaa2e06a29c07fdfae31c8c57b4d7104f24e9f07c2fa44b750d1fb1
- SHA512
  
  3dbf58f6608f56744cff074ea32cbfa1e68096cdb6ede7e4df572a76da448a49dc4c302323e2b6786f5e0dbc175401c5cc8f08c012569ed97a7de51594a20803
- SSDEEP
  
  12288:2G61LtYY30M2upYS34vEs++0U4k1hlfDsKQ8HCbkmI19fIdszF/YjPTkhUMBmiei:2d1LtYc0M2uMMs+yDxbX+ce+lqPLhlc
Score

8^/10

discovery evasion impact persistence privilege_escalation stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Tries to add a device administrator.
  privilege_escalation impact
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistenceprivilege_escalationstealthtrojan

© 2018-2024

Terms | Privacy