Analysis
-
max time kernel
156s -
max time network
177s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
23/05/2024, 12:50
General
-
Target
com.zlya.intfire-2.1.19.apk
-
Size
12.7MB
-
MD5
5e676f122c3c2d3e5bb7dd0cecf67de8
-
SHA1
38ea665ee74341892c34ed1c177e7646e18e1920
-
SHA256
a2d84f922955b79be2e7d4e166f7f5fc91e34086d37dff79577fc3e9615d1fd4
-
SHA512
f65b89d4e8b89bd29a9d09ac2acaf6cb3fcbd0a52d97271b466f0cb57e00ecb6d12f660464f425758b424e8792354309cb88c1de9c269fd72007dcaf950334bf
-
SSDEEP
196608:t/bHwnDz5FS6nPWE6N3q1HMiZ7ElDv3QvpBBI9rUmM+5gluU6LXweY0LpHSrB:t/qp46nhT5fZ7ccvp3luJbAd
Score
7/10
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks the presence of a debugger
Processes
-
com.zlya.intfire1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)