General
-
Target
37c94b09b98f3caf5a3fe3d391802dd3
-
Size
4.6MB
-
Sample
240517-wzlv9sce74
-
MD5
37c94b09b98f3caf5a3fe3d391802dd3
-
SHA1
f2351a31903222b8a7c451d331b2edbdbca1c9f6
-
SHA256
fe6cfe7b6e2e91a80ffbbce19629062de42efcc55cdd9ce54b13ce9a482fd280
-
SHA512
379b0f366ab9189b943b49778b5ba89cf814e82b6c16a4b3a0c506fadfc7e3653089f498ee45836534a7fe9af0c75b30fba4fd3e4a715832be3a856e12464019
-
SSDEEP
98304:K6QwrIl96T42v0Q01rW/h4GVtJLLahz2AXsV4A8NRBkSrYKtlfA0:K+gczwoh4GVtJve2ksKA2kmJtlfA0
Static task
static1
Behavioral task
behavioral1
Sample
37c94b09b98f3caf5a3fe3d391802dd3.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
37c94b09b98f3caf5a3fe3d391802dd3.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
37c94b09b98f3caf5a3fe3d391802dd3.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
37c94b09b98f3caf5a3fe3d391802dd3
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-