71681246e76db8456246a2ed80fcc599e7c0dc416185c4d56d5e9bec41f18205 | Triage

Sharing

General

Target

app-release-xjtwms_4.1.3.apk
Size

8.8MB
Sample

240521-f4kk1abh2z
MD5

89edd8274e2bddb3bd619fffb6ac0011
SHA1

11a453db24ff9e919f7c8bccb4d4ee0ba6fd3b4f
SHA256

71681246e76db8456246a2ed80fcc599e7c0dc416185c4d56d5e9bec41f18205
SHA512

9fb3bf8837eb1939ae0c7d00f8fbb82a7f2d9e0f561d54c6da8049d1b79bfd0b2c4feb427f3bc3082f1a40d80b6117ba48a10ec2848ba96e0ea782bedede2e60
SSDEEP

196608:GJAUuyHoJEe++ko9tyL3YV7lLUm/t0AIXxNEwszmh+ZMO97rI6XyUHarGz:LRuoJM30yzWd7eLFh+ZMOJrI0Nz

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  app-release-xjtwms_4.1.3.apk
- Size
  
  8.8MB
- MD5
  
  89edd8274e2bddb3bd619fffb6ac0011
- SHA1
  
  11a453db24ff9e919f7c8bccb4d4ee0ba6fd3b4f
- SHA256
  
  71681246e76db8456246a2ed80fcc599e7c0dc416185c4d56d5e9bec41f18205
- SHA512
  
  9fb3bf8837eb1939ae0c7d00f8fbb82a7f2d9e0f561d54c6da8049d1b79bfd0b2c4feb427f3bc3082f1a40d80b6117ba48a10ec2848ba96e0ea782bedede2e60
- SSDEEP
  
  196608:GJAUuyHoJEe++ko9tyL3YV7lLUm/t0AIXxNEwszmh+ZMO97rI6XyUHarGz:LRuoJM30yzWd7eLFh+ZMOJrI0Nz
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence