33de507f2e632fd8a67e221611c8cf36e5cb313d871200d7b2c0cecca640d593 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

app-release-xjtwms_3.5.2.apk
Size

8.2MB
Sample

240521-f7514scd79
MD5

ffe2c01f8b01f24024ac30dd3fae2928
SHA1

d81ffb305e08ec2a74e0a5f7fcb81ecace2dca85
SHA256

33de507f2e632fd8a67e221611c8cf36e5cb313d871200d7b2c0cecca640d593
SHA512

3fe450a0ad3f9e1aa11a576f62ed4e18d7a43b87104274be8736f35acb0ff4e06cafecdf549bd9ed914477ce6181d942d651016eb384f5eda996ffd0cc297528
SSDEEP

196608:sQcWnn0R1T8KMHWf2JPyl1Um/t0AIXxNEwszmh+ZdsC03RZyUHFrG6:d0xnl17eLFh+ZdR0DA6

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  app-release-xjtwms_3.5.2.apk
- Size
  
  8.2MB
- MD5
  
  ffe2c01f8b01f24024ac30dd3fae2928
- SHA1
  
  d81ffb305e08ec2a74e0a5f7fcb81ecace2dca85
- SHA256
  
  33de507f2e632fd8a67e221611c8cf36e5cb313d871200d7b2c0cecca640d593
- SHA512
  
  3fe450a0ad3f9e1aa11a576f62ed4e18d7a43b87104274be8736f35acb0ff4e06cafecdf549bd9ed914477ce6181d942d651016eb384f5eda996ffd0cc297528
- SSDEEP
  
  196608:sQcWnn0R1T8KMHWf2JPyl1Um/t0AIXxNEwszmh+ZdsC03RZyUHFrG6:d0xnl17eLFh+ZdR0DA6
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence