8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043 | Triage

Submit
Reports

Overview

overview

8

Static

static

6

8e38d78d6c...43.apk

android-9-x86

8

Sharing

General

Target

8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043.bin
Size

617KB
Sample

240423-1xl6gacd27
MD5

6f3b93caf9f42c77122efdc86719e935
SHA1

e797c6dc3550f146d260cff15655d39646e162de
SHA256

8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043
SHA512

ad4f636f87d0118495dc10a004d3a3898ceb3296a6437f6ebf5b5bbfd6f7cf71a24b78ff6b708827d334e6beb4a8ebd7a6603b9e83e09c1305110c4ef45b64fd
SSDEEP

12288:VVBED9V8HxbQRZO/poJukhQJBv/S8t8K6xoq5rSI9M+PEDkhDZj3aRi:VVBEDn8HxERo/WJuEEx4KARrSIpPEDKv

Score

8^/10

android discovery evasion impact persistence privilege_escalation stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043.apk

Resource

android-x86-arm-20240221-en

discovery evasion impact persistence privilege_escalation stealth trojan

android-9-x86

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043.bin
- Size
  
  617KB
- MD5
  
  6f3b93caf9f42c77122efdc86719e935
- SHA1
  
  e797c6dc3550f146d260cff15655d39646e162de
- SHA256
  
  8e38d78d6cd0c2506406f8c0faed724a7d8e27db3ce77fec3f3b864be42ea043
- SHA512
  
  ad4f636f87d0118495dc10a004d3a3898ceb3296a6437f6ebf5b5bbfd6f7cf71a24b78ff6b708827d334e6beb4a8ebd7a6603b9e83e09c1305110c4ef45b64fd
- SSDEEP
  
  12288:VVBED9V8HxbQRZO/poJukhQJBv/S8t8K6xoq5rSI9M+PEDkhDZj3aRi:VVBEDn8HxERo/WJuEEx4KARrSIpPEDKv
Score

8^/10

discovery evasion impact persistence privilege_escalation stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Tries to add a device administrator.
  privilege_escalation impact
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistenceprivilege_escalationstealthtrojan

© 2018-2024

Terms | Privacy