cbf10c793219adf26ce3c9a69df26b467d326e31d857c49e4c964000a3c84e3c | Triage

Submit
Reports

Overview

overview

7

Static

static

6

pda.apk

android-9-x86

7

pda.apk

android-10-x64

7

Sharing

General

Target

pda.apk
Size

4.9MB
Sample

240523-n5ys1sfg73
MD5

c4c3285e3c5b7481e3357004e50a581a
SHA1

6441f051acff781994c84730210fe1cb61708b28
SHA256

cbf10c793219adf26ce3c9a69df26b467d326e31d857c49e4c964000a3c84e3c
SHA512

66a780bbb6ddbcde1120f60c9312028c7ebc7fb45f0fd919826d31954ec094ed68cb2b49b8e83c91a2b551bdb21d00af9efde438da029b72fb8bd3967f2f9eff
SSDEEP

98304:sUTJ0ANW2ZGpYQcgCJ+F7u8hiqDrhp2jnisVUCTfEh5pBa4Eiu+4ES+i0:s+2AGIgIizhiqDrhp2rifR+72

Score

7^/10

android collection credential_access discovery evasion impact persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

pda.apk

Resource

android-x86-arm-20240514-en

discovery evasion impact persistence

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

pda.apk

Resource

android-x64-20240514-en

collection credential_access discovery evasion impact persistence

android-10-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  pda.apk
- Size
  
  4.9MB
- MD5
  
  c4c3285e3c5b7481e3357004e50a581a
- SHA1
  
  6441f051acff781994c84730210fe1cb61708b28
- SHA256
  
  cbf10c793219adf26ce3c9a69df26b467d326e31d857c49e4c964000a3c84e3c
- SHA512
  
  66a780bbb6ddbcde1120f60c9312028c7ebc7fb45f0fd919826d31954ec094ed68cb2b49b8e83c91a2b551bdb21d00af9efde438da029b72fb8bd3967f2f9eff
- SSDEEP
  
  98304:sUTJ0ANW2ZGpYQcgCJ+F7u8hiqDrhp2jnisVUCTfEh5pBa4Eiu+4ES+i0:s+2AGIgIizhiqDrhp2rifR+72
Score

7^/10

discovery evasion impact persistence collection credential_access
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

© 2018-2024

Terms | Privacy