General

  • Target

    yswork1.0.5.apk

  • Size

    8.6MB

  • Sample

    240523-n1s2zafd52

  • MD5

    b452f703b8cf04cee554a37e7ae2addd

  • SHA1

    fb06f191ecc328a7569f4a6e931a85d01685d4ba

  • SHA256

    917447004b5f762d50a3b7740691ff3cc5a0fbff49c956ce72b27c56c985fd5d

  • SHA512

    2ab96dd94d45cdf1b765e5a617d953df792370dae1dbc9bba27ed7af3fc487f1b41873e796dc142bec9598cdade3db40ec36a56c88e725cb0f3f05b7de135252

  • SSDEEP

    196608:+lzLALb9OLXxU1MfwlEm9pINjbD4aH6RvkKIR2Sg812iFIGIaIvQSRrX6z:+lz81cNL6iKI2LiFmaiQIDC

Targets

    • Target

      yswork1.0.5.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Target

      BaiduNaviSDK_Resource_v1_0_0.png

    • Size

      1.4MB

    • MD5

      038c785558c6743e09a31631b9f04d1d

    • SHA1

      42ae6b74d418c4d839600471718b62dfd7d812a9

    • SHA256

      e9fc11fa95dc1e95a2cd4ef86905acdd79cfb71ba4ff9912c8e46b59ed685e45

    • SHA512

      573bfcc3effcece86e5ef8f0e9a84e9dd523936ef9224861a0ff834d35fb7d662e965e13ed5265306549c61d4458c7687471f680d7bf217004590c118de15794

    • SSDEEP

      24576:w9o5l0aiDLYxvm6iugA1Ft3unH1jR49OLt1xJqkqFn/wS2mM4:6ql07DL4e6Fpj36Hz49OLt1xorh/1M4

    • Score

      1/10

    • Target

      plugin-deploy.jar

    • Size

      206KB

    • MD5

      02fe22caeb17a9d7c7f5c3914e3cda29

    • SHA1

      7e3293216263ab967ca6e9a3c55ba589444e3de7

    • SHA256

      0fba8eedb44faf95448ed7e25bcba48b49aa981e1e1e154fcbd90e48447813a4

    • SHA512

      020324dd3b38d6d75fbb54f18caf0bfdff38e27b0c18aa83989b53e9da96a6d6c780f281b21da8f1b41e3de1206306954dc9d1e42aa2dd12f500b66e04f4c647

    • SSDEEP

      6144:QVMQdIey/0Jl8L9umLtnWy6C0mNiEfWBm63:QVMbL/q2nL4g0mNXf7o

    • Score

      1/10
