Analysis
-
max time kernel
11s -
max time network
132s -
platform
android_x64 -
resource
android-33-x64-arm64-20240514-en -
resource tags
-
submitted
23-05-2024 12:18
General
-
Target
yssaas-release_104.apk
-
Size
10.0MB
-
MD5
0345baf80b07c40cfc31b9071dea18fc
-
SHA1
91bf2dbeb8398a77e8b2ade63f5d8cd7ab84270b
-
SHA256
86f93ef3367f00d04baf81b225793af79c2e68cc3ced0235330f37d6bc836395
-
SHA512
33b795a12a1ddd585f0dc59185519f0c473ae30ed7de919cea48aec98ca85803990d20524c1cff33c6fa0a11a883452d6a9efa911526a4146d81f28c80399b6f
-
SSDEEP
196608:tAjwNCz+VZUI+dvEABMNI6m/wXCaRFdLJdk1Elm4RkhYveR4kVJQ9WTyS7Vyt+nf:tAjwJUIlNN+4XCa/d2Elm4RkhYE4kVJj
Malware Config
Signatures
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.yisheng.saas1⤵
- Requests cell location
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.yisheng.saas/files/libcuid.soFilesize
109B
MD5477b6bef36b9f86f3485724c4cdee195
SHA180f1d16b172009c49dcdb6dc32426831bba2f79f
SHA2561185d340e47e544def3045ff3e1146269d9576668507cea67b3e34c21953642b
SHA5127441a7aee0a9fe1d2b7a3b55b191b06f0153d578ed7f18f7a574e45fc215e3ff33dcc71ad5eee5ea867040fa39ca3884e8d8ecf378de687c8f5efbfc4166cf57