General
-
Target
a041bc05ffa20dc6df3387818a06329b54c84ca70cb281c0358d936aee0b3858.apk
-
Size
68.9MB
-
Sample
240521-rmybbagg99
-
MD5
7a5a2264a38d14ec36629301a1f97ed3
-
SHA1
9ff4d9a4fd79a6decdfc452d21f5954a90703398
-
SHA256
a041bc05ffa20dc6df3387818a06329b54c84ca70cb281c0358d936aee0b3858
-
SHA512
88bb457453d9831805199f588b24517e2f88a86fb1e0bafd3b1be3cb19b4ae115e6f42081aa723ec1653d6bfd6ea95601dc39b7893a7812f417e4b232f6843a5
-
SSDEEP
1572864:zbjAo4jkKsBxhMCb7ZMU1B+3cd9xXX0GQocKL:bcjkVhMChv1S+DfcI
Malware Config
Targets
-
-
Target
a041bc05ffa20dc6df3387818a06329b54c84ca70cb281c0358d936aee0b3858.apk
-
Size
68.9MB
-
MD5
7a5a2264a38d14ec36629301a1f97ed3
-
SHA1
9ff4d9a4fd79a6decdfc452d21f5954a90703398
-
SHA256
a041bc05ffa20dc6df3387818a06329b54c84ca70cb281c0358d936aee0b3858
-
SHA512
88bb457453d9831805199f588b24517e2f88a86fb1e0bafd3b1be3cb19b4ae115e6f42081aa723ec1653d6bfd6ea95601dc39b7893a7812f417e4b232f6843a5
-
SSDEEP
1572864:zbjAo4jkKsBxhMCb7ZMU1B+3cd9xXX0GQocKL:bcjkVhMChv1S+DfcI
Score10/10-
BadBazaar
BadBazaar is an Android spyware used by GREF APT group.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Reads the contacts stored on the device.
-
Reads the content of photos stored on the user's device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-