General
Target: ee5ffa9a25bf909b27e35c9ad2341522600248eef7e744833c0e1dc383376ff3.apk
Size: 53.6MB
Sample: 240521-rhaz8agf65
MD5: 84282112dbe52849adf0031eec26bb2c
SHA1: 21dac90ce09633ef08fe592e098301307200751d
SHA256: ee5ffa9a25bf909b27e35c9ad2341522600248eef7e744833c0e1dc383376ff3
SHA512: a4b29b47dd7b85e05c2104dffb35d0193c84d7925e54143355ed54dc7b7e20fb08d64f25b5226f084fe1dba566b2bade10cc95e589f064942eff66e9f9c40262
SSDEEP: 393216:6M2G64U1/sOv96jFCTq4xcTlS3OnxHj8kKx8qpDFsjely0YyeS:j64U1fdMxgkJ4DFO5yeS
Static task: static1
Behavioral task: behavioral1
  Sample: ee5ffa9a25bf909b27e35c9ad2341522600248eef7e744833c0e1dc383376ff3.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: ee5ffa9a25bf909b27e35c9ad2341522600248eef7e744833c0e1dc383376ff3.apk
  Resource: android-x64-20240514-en
Malware Config
Targets
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- Queries the phone number (MSISDN for GSM devices)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Reads information about phone network operator.
- Schedules tasks to execute at a specified time
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
- Checks the presence of a debugger
-
MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution: 1
    Broadcast Receivers: 1
  Scheduled Task/Job: 1
Defense Evasion
  Download New Code at Runtime: 1
  Virtualization/Sandbox Evasion: 2
    System Checks: 2