56fec181f0b43afa87d7cb76fbc5523ae788e5fed56356d5732a2f2b2cf6ab88 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Vencord-v1.0.6.apk

android-9-x86

7

Vencord-v1.0.6.apk

android-10-x64

7

Vencord-v1.0.6.apk

android-11-x64

7

Sharing

General

Target

Vencord-v1.0.6.apk
Size

1.2MB
Sample

240425-jcj2yagg94
MD5

c7a2996b321266ee65a05265ca8dfc71
SHA1

8bebb56419b329f15065ae9908bfb26f59d91a2e
SHA256

56fec181f0b43afa87d7cb76fbc5523ae788e5fed56356d5732a2f2b2cf6ab88
SHA512

63b6c9b37a5f1734a18e5dedfc1415bfc42f815afcef342cfac6f3bfb5fcffdcea7fe26ed0abb46b18fbaf905e196092ff3c7955e7d3e2dec0cd8104dacd2721
SSDEEP

24576:tdqbaAnGsPRwn4izoTu6tmkXYhafQTnHyxJhRwvarW6uMDT6nmtiS7bszq7K:tdqLGw6n4GujXKV7HyxJwvF46nmtiZqK

Score

7^/10

android collection credential_access discovery evasion impact persistence

Static task

static1

Behavioral task

behavioral1

Sample

Vencord-v1.0.6.apk

Resource

android-x86-arm-20240221-en

discovery evasion persistence

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Vencord-v1.0.6.apk

Resource

android-x64-20240221-en

collection credential_access discovery evasion impact persistence

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Vencord-v1.0.6.apk

Resource

android-x64-arm64-20240221-en

collection credential_access discovery evasion impact

android-11-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  Vencord-v1.0.6.apk
- Size
  
  1.2MB
- MD5
  
  c7a2996b321266ee65a05265ca8dfc71
- SHA1
  
  8bebb56419b329f15065ae9908bfb26f59d91a2e
- SHA256
  
  56fec181f0b43afa87d7cb76fbc5523ae788e5fed56356d5732a2f2b2cf6ab88
- SHA512
  
  63b6c9b37a5f1734a18e5dedfc1415bfc42f815afcef342cfac6f3bfb5fcffdcea7fe26ed0abb46b18fbaf905e196092ff3c7955e7d3e2dec0cd8104dacd2721
- SSDEEP
  
  24576:tdqbaAnGsPRwn4izoTu6tmkXYhafQTnHyxJhRwvarW6uMDT6nmtiS7bszq7K:tdqLGw6n4GujXKV7HyxJwvF46nmtiZqK
Score

7^/10

discovery evasion persistence collection credential_access impact
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryevasionimpact

© 2018-2024

Terms | Privacy