Analysis
-
max time kernel
47s -
max time network
159s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system -
submitted
25-04-2024 07:31
Static task
static1
Behavioral task
behavioral1
Sample
Vencord-v1.0.6.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
Vencord-v1.0.6.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
Vencord-v1.0.6.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
Vencord-v1.0.6.apk
-
Size
1.2MB
-
MD5
c7a2996b321266ee65a05265ca8dfc71
-
SHA1
8bebb56419b329f15065ae9908bfb26f59d91a2e
-
SHA256
56fec181f0b43afa87d7cb76fbc5523ae788e5fed56356d5732a2f2b2cf6ab88
-
SHA512
63b6c9b37a5f1734a18e5dedfc1415bfc42f815afcef342cfac6f3bfb5fcffdcea7fe26ed0abb46b18fbaf905e196092ff3c7955e7d3e2dec0cd8104dacd2721
-
SSDEEP
24576:tdqbaAnGsPRwn4izoTu6tmkXYhafQTnHyxJhRwvarW6uMDT6nmtiS7bszq7K:tdqLGw6n4GujXKV7HyxJwvF46nmtiZqK
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 9 IoCs
Processes:
flow ioc 30 discord.com 31 discord.com 34 discord.com 35 discord.com 39 discord.com 40 discord.com 36 discord.com 37 discord.com 38 discord.com