General
-
Target
cjzf_mba_fwpt_mobile.apk
-
Size
3.8MB
-
Sample
240523-nz1qesfb4z
-
MD5
5c8548a25e6e58fc76489b0ccebd3b04
-
SHA1
5f580e2c5249c35c8642485600bb4ea434a7dab8
-
SHA256
9eaebf67c308aa2ff1f661ff765d1116aca6a31684eb868e9326282bc59c2f0d
-
SHA512
624337a4e351413496606ba09aad3b23855b1a798c17bc2868ffbaa372763241a456e7e6d1667d6dac104f68bd75022d0964f258a60fdbb22399221c0f03c363
-
SSDEEP
98304:30oiyvSIl+dBlyvSIl+3yvSIl+feNtDkUwYzlpncoF:EXyvS6wyvS6yyvS6uerppcoF
Malware Config
Targets
-
-
Target
cjzf_mba_fwpt_mobile.apk
-
Size
3.8MB
-
MD5
5c8548a25e6e58fc76489b0ccebd3b04
-
SHA1
5f580e2c5249c35c8642485600bb4ea434a7dab8
-
SHA256
9eaebf67c308aa2ff1f661ff765d1116aca6a31684eb868e9326282bc59c2f0d
-
SHA512
624337a4e351413496606ba09aad3b23855b1a798c17bc2868ffbaa372763241a456e7e6d1667d6dac104f68bd75022d0964f258a60fdbb22399221c0f03c363
-
SSDEEP
98304:30oiyvSIl+dBlyvSIl+3yvSIl+feNtDkUwYzlpncoF:EXyvS6wyvS6yyvS6uerppcoF
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-