General
Target: 4f2b73a6f2a7816e54ff0b15b9dd555f
Size: 4.1MB
Sample: 240517-w1brpacf26
MD5: 4f2b73a6f2a7816e54ff0b15b9dd555f
SHA1: f6e585e552cfdfc762d809a95bd48e41bc15c605
SHA256: 29b0d86ae68d83f9578c3f36041df943195bc55a7f3f1d45a9c23f145d75af9d
SHA512: 9d7759eee7082f28439ffb17e81c366dc1b92f15c074643bdd42d76fd404257e46bb644c3dccc7ce35efb734cb7e5f7a45393590ef75909654d6a9c463425a2d
SSDEEP: 98304:F+iSqvb1KDI75XCuRHDwodfeeC8sB34wT+/ayBP77GSj10GAa:dSqDQDSjK8o3NT+/797eGAa
Static task: static1
Behavioral task: behavioral1
  Sample: 4f2b73a6f2a7816e54ff0b15b9dd555f.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: 4f2b73a6f2a7816e54ff0b15b9dd555f.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral3
  Sample: 4f2b73a6f2a7816e54ff0b15b9dd555f.apk
  Resource: android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
4f2b73a6f2a7816e54ff0b15b9dd555f
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-