Overview

overview

8

Static

static

6

Mimo_v4.43...ed.apk

android-13-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Mimo_v4.43_Patched_by_youarefinished.apk

  • Size

    74.3MB

  • Sample

    240522-j91e7ahd59

  • MD5

    fb5aef89d0c876d49f2a516b99ea8d53

  • SHA1

    45dbf4c6f952398aa88c195b53a27cb35161a0ec

  • SHA256

    b682ae54f767059e150196cb86d9152c6a7217cb1764eecee4ef620917cbbce9

  • SHA512

    e4b7be958b84ee32401e04f749cd93eb0393753192101e37191dfd55af01a7f4ee6b2f6415f60f615b8e2e457d584684d46e1981a0d748010c6c1cfcb938938e

  • SSDEEP

    786432:Pmr28+2+Vcke9z+xk/s5+xtNIxpyoaxnzHe951XSBNbzu0BkhR7BkwrXNIIu:erN+jHa+xQpHFiH1R0B2rXNS

Score
8/10
androidcollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      Mimo_v4.43_Patched_by_youarefinished.apk

    • Size

      74.3MB

    • MD5

      fb5aef89d0c876d49f2a516b99ea8d53

    • SHA1

      45dbf4c6f952398aa88c195b53a27cb35161a0ec

    • SHA256

      b682ae54f767059e150196cb86d9152c6a7217cb1764eecee4ef620917cbbce9

    • SHA512

      e4b7be958b84ee32401e04f749cd93eb0393753192101e37191dfd55af01a7f4ee6b2f6415f60f615b8e2e457d584684d46e1981a0d748010c6c1cfcb938938e

    • SSDEEP

      786432:Pmr28+2+Vcke9z+xk/s5+xtNIxpyoaxnzHe951XSBNbzu0BkhR7BkwrXNIIu:erN+jHa+xQpHFiH1R0B2rXNS

    Score
    8/10
    collectioncredential_accessdiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence

    • Checks the presence of a debugger

      evasion

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

MITRE ATT&CK Matrix

Tasks