General

Target: 100010.apk
Size: 88.9MB
Sample: 240512-xxw4wsca5x
MD5: e44f7ae01872784580b58df01a96b2b6
SHA1: e2c50cb29287c40d1201fdecab61298ec7f2c53d
SHA256: b73544e080f9b30cee9aa94dbdfefee5e1e61118cd22436ebdb79c35c2834cd3
SHA512: b76d97612086c62fb84ca5c099a79db31d5a466f55d17ed2fd42e8c932e2d1378ee3cf77e695374a7a27fb5f68f71c5bb2770bcd374c780b2c6d609407f3c454
SSDEEP: 1572864:aFUbBxURAZr5HPapJH0V0gvDNV5QUGEmHY1E7L7QDH94o0Z3hVtm7nuhgMq6B:Mkk6Zr5vQ0bLNLQUGEUY1E7vrguhMA

Behavioral task: behavioral1
Sample: 100010.apk
Resource: android-x86-arm-20240506-en

Malware Config
Targets
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

Patched UPX-packed file
Sample is packed with UPX, but required header fields are zeroed out to prevent unpacking with the default UPX tool.

Registers a broadcast receiver at runtime (usually to listen for system events)

Acquires the wake lock

Checks if the internet connection is available

Reads information about the phone network operator

Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Persistence
  Event Triggered Execution: 1
    Broadcast Receivers: 1
  Scheduled Task/Job: 1

Defense Evasion
  Download New Code at Runtime: 1
  Virtualization/Sandbox Evasion: 2
    System Checks: 2