xamalicious | cc5ba183ca686b45e37b903de57063d98c97914cddf0db2feaec70ce0d6f96b6 | Triage

Sharing

General

Target

114-1.apk
Size

14.1MB
Sample

240522-pcf8yahc5v
MD5

a3d4e51edb653cdb33883229cd432d00
SHA1

89a03c75e1269bb89df6c1e4b55a97ce69569ae5
SHA256

cc5ba183ca686b45e37b903de57063d98c97914cddf0db2feaec70ce0d6f96b6
SHA512

356f6332f2b996c9218f32891611b27dc070e16124a426d714c92104eecfcba5c009c5977e99ac5800c6316777432787d831d4643a89de6f8090c4d74d2237f6
SSDEEP

196608:U5SKj7zfdgAKQX7IBoex0BHQ7BOnhQrQM3rWwXa1Y/sec7S9i53m2/kh/Rgy:zW7T2A/7u5aBqB0kQeqSU57n5r/ksy

Score

10^/10

xamalicious android discovery evasion persistence

Malware Config

Targets

- Target
  
  114-1.apk
- Size
  
  14.1MB
- MD5
  
  a3d4e51edb653cdb33883229cd432d00
- SHA1
  
  89a03c75e1269bb89df6c1e4b55a97ce69569ae5
- SHA256
  
  cc5ba183ca686b45e37b903de57063d98c97914cddf0db2feaec70ce0d6f96b6
- SHA512
  
  356f6332f2b996c9218f32891611b27dc070e16124a426d714c92104eecfcba5c009c5977e99ac5800c6316777432787d831d4643a89de6f8090c4d74d2237f6
- SSDEEP
  
  196608:U5SKj7zfdgAKQX7IBoex0BHQ7BOnhQrQM3rWwXa1Y/sec7S9i53m2/kh/Rgy:zW7T2A/7u5aBqB0kQeqSU57n5r/ksy
Score

7^/10

discovery evasion persistence
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence