General
-
Target
AndroidApkAnalyzer.apk
-
Size
4.4MB
-
Sample
240521-ggn6cafb7z
-
MD5
cc57da1a0886b63e913d166bdce662bc
-
SHA1
4d8b5353120c5ed142a88bdededad978cf67aecb
-
SHA256
35614cbb81b159d2dc0c8c4a6d4678e70e2b0d6d335fe51f9431a3665efbe77d
-
SHA512
fb70e69845c101c4c7ab5a63354d7865b6cec12143b665a8a7c8d8825aa17dcc9fae9df97311fa438c0e599f9c4901a7ef9a1ef7b07bd2007ffe74d037dba989
-
SSDEEP
98304:aJt3boZniB8qwthoLaVAv1sVt2teerxgTbL:cCZnk81tuaU1+SeQ2TP
Malware Config
Targets
-
-
Target
AndroidApkAnalyzer.apk
-
Size
4.4MB
-
MD5
cc57da1a0886b63e913d166bdce662bc
-
SHA1
4d8b5353120c5ed142a88bdededad978cf67aecb
-
SHA256
35614cbb81b159d2dc0c8c4a6d4678e70e2b0d6d335fe51f9431a3665efbe77d
-
SHA512
fb70e69845c101c4c7ab5a63354d7865b6cec12143b665a8a7c8d8825aa17dcc9fae9df97311fa438c0e599f9c4901a7ef9a1ef7b07bd2007ffe74d037dba989
-
SSDEEP
98304:aJt3boZniB8qwthoLaVAv1sVt2teerxgTbL:cCZnk81tuaU1+SeQ2TP
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2