Analysis
-
max time kernel
19s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
-
submitted
22-05-2024 12:22
General
-
Target
AAA_OTL_1.5.1.apk
-
Size
9.8MB
-
MD5
b92146427445598b49d0bba02139758b
-
SHA1
79791e06081a0b51a189f109272d20de444f2162
-
SHA256
0efdc8f5e0c75e1c4a4b7008b1406a25915f5df9e6b0d08c69dcd2786909c2c3
-
SHA512
9b699ec7babe19833b673fd8a7f6c44fb2e90d30ffff5bbb6d86a4c52fa8ecf6294aa1c3c3a41031f906ba611cf812fa75116147ff305eb582de45dbdba89529
-
SSDEEP
196608:2uhTgnaC91Bv9qBnnuN94iuAeqizOW3SbkeT3L5C6hbG1uRwiTyaxdIGfFvPL:Rny156nSa0eqiz7CbkeT3NphbG1uRPuS
Score
8/10
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 14 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the presence of a debugger
Processes
-
org.outline.android.client1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
-
org.outline.android.client:vpn1⤵
- Checks if the Android device is rooted.