Analysis
-
max time kernel
158s -
max time network
179s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
-
submitted
22-05-2024 11:42
General
-
Target
com.zlya.intfire.apk
-
Size
12.3MB
-
MD5
b6d435344bf58df208d454bb1c0a6712
-
SHA1
b22b1b715caa47f3b16c6506a8fd1c0e01a519a0
-
SHA256
5995d3d351344aa6491501b9bfe907ba4b5eed9d088094f7a05de7dd7e40940a
-
SHA512
f74578328882e5f3fa87107da1912be9b353c755760f2670abfb46bc7caee216fb232017630813c7f930b58b5efd734087360313f82827695772f21434f67bd2
-
SSDEEP
196608:9qHboFwiStUy2b3Vyp8isbN2muzhTLNDMvZgMwDl9rUmM+xgiRWeQ2xsbCnD+EWV:98MS6b5isbYdZLCilSC2EYd
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Checks the presence of a debugger
Processes
-
com.zlya.intfire1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device