General
-
Target
mgsProMob_P500_V1_debug.apk
-
Size
38.5MB
-
Sample
240522-lm4v7sba2y
-
MD5
815f993b3484671626137a38cc75040a
-
SHA1
842b632998239220c4fcef38daf254eddb0238b1
-
SHA256
e6e205cfbcace364b17dcc15e6c8f5622bc11eac9bab08e89c7545b7f012afd2
-
SHA512
98a6c959a8042da20536e0fb551b9c5977c9b2e7ff8f906976a71fb96b87738b6554f7a14d7ab3252c6579bcbfa615c9fe6169cbd137dc2fe7c0f096b89c81fa
-
SSDEEP
786432:SBWmKi4u2/0pupAu+bRqJtkTkijwkCeMRrYRAEzRXl0jwh+bRqJa:eRZ2/0puCNqJuo67CeMiAEf4zNqJa
Malware Config
Targets
-
-
Target
mgsProMob_P500_V1_debug.apk
-
Size
38.5MB
-
MD5
815f993b3484671626137a38cc75040a
-
SHA1
842b632998239220c4fcef38daf254eddb0238b1
-
SHA256
e6e205cfbcace364b17dcc15e6c8f5622bc11eac9bab08e89c7545b7f012afd2
-
SHA512
98a6c959a8042da20536e0fb551b9c5977c9b2e7ff8f906976a71fb96b87738b6554f7a14d7ab3252c6579bcbfa615c9fe6169cbd137dc2fe7c0f096b89c81fa
-
SSDEEP
786432:SBWmKi4u2/0pupAu+bRqJtkTkijwkCeMRrYRAEzRXl0jwh+bRqJa:eRZ2/0puCNqJuo67CeMiAEf4zNqJa
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks Android system properties for emulator presence.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks if the internet connection is available
-