General
-
Target
mgsProMob_P500_V1_debug.apk
-
Size
40.7MB
-
Sample
240522-k24y3sac8t
-
MD5
c0e1a0b126f2e0a869828b9dad9952a7
-
SHA1
04ac4e88af4a29154d78d038ec65f0ef661b2d64
-
SHA256
34cf4c116d03231715b4a5071acc361e4aa182e2f147f2b3c249a6b0099f2a66
-
SHA512
a76c368ad8c621711f1d7fc11970ff0498fbde9183481bc779cd7b1786a16c41946e697e2e5b110cd486fe7d0d0caba8c3a332d919357479b47e089896a783c0
-
SSDEEP
786432:lLdyxk3/rQF++5jg+qpKIej6Ikw+bRqJajwqjwfR+Bkh/+bRqJiCeMRrYRAEzRXq:lLwxWck/Xf4CZNqJijgIah2NqJiCeMis
Malware Config
Targets
-
-
Target
mgsProMob_P500_V1_debug.apk
-
Size
40.7MB
-
MD5
c0e1a0b126f2e0a869828b9dad9952a7
-
SHA1
04ac4e88af4a29154d78d038ec65f0ef661b2d64
-
SHA256
34cf4c116d03231715b4a5071acc361e4aa182e2f147f2b3c249a6b0099f2a66
-
SHA512
a76c368ad8c621711f1d7fc11970ff0498fbde9183481bc779cd7b1786a16c41946e697e2e5b110cd486fe7d0d0caba8c3a332d919357479b47e089896a783c0
-
SSDEEP
786432:lLdyxk3/rQF++5jg+qpKIej6Ikw+bRqJajwqjwfR+Bkh/+bRqJiCeMRrYRAEzRXq:lLwxWck/Xf4CZNqJijgIah2NqJiCeMis
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks Android system properties for emulator presence.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Checks the presence of a debugger
-