Overview

overview

7

Static

static

6

YSWorker_1.0.6.apk

android-9-x86

7

BaiduNaviS..._0.apk

android-9-x86

BaiduNaviS..._0.apk

android-10-x64

BaiduNaviS..._0.apk

android-11-x64

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    YSWorker_1.0.6.apk

  • Size

    8.6MB

  • Sample

    240523-plqtqshe65

  • MD5

    0a0f2eaab55ba8d552045b8d13a5730a

  • SHA1

    f3a4ad04703cb8ae10dbbb02245b4bcc5aac7fbe

  • SHA256

    2527a6e2d8c6dad9fe2cb9ba1d363c9ffceeb7fae89848239523eb1655e71319

  • SHA512

    0fa64a15c9159e7ea923d2d005e87f691c8219f9ee5d1b06ed4b6465cf6c8f21bb46117059b80720d57fe637a762dce9799d4ec961fa1db9c543e57ddeb01472

  • SSDEEP

    196608:q2pLALb9OLXxU1MxwlEj//gNjbD4aH6LvkKIvTpnzDjlzvTlg4f/u1s:q2p81dNL6QKILdXjl7d/F

Score
7/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      YSWorker_1.0.6.apk

    • Size

      8.6MB

    • MD5

      0a0f2eaab55ba8d552045b8d13a5730a

    • SHA1

      f3a4ad04703cb8ae10dbbb02245b4bcc5aac7fbe

    • SHA256

      2527a6e2d8c6dad9fe2cb9ba1d363c9ffceeb7fae89848239523eb1655e71319

    • SHA512

      0fa64a15c9159e7ea923d2d005e87f691c8219f9ee5d1b06ed4b6465cf6c8f21bb46117059b80720d57fe637a762dce9799d4ec961fa1db9c543e57ddeb01472

    • SSDEEP

      196608:q2pLALb9OLXxU1MxwlEj//gNjbD4aH6LvkKIvTpnzDjlzvTlg4f/u1s:q2p81dNL6QKILdXjl7d/F

    Score
    7/10
    discoveryevasionimpactpersistence

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery
    behavioral1

    • Target

      BaiduNaviSDK_Resource_v1_0_0.png

    • Size

      1.4MB

    • MD5

      038c785558c6743e09a31631b9f04d1d

    • SHA1

      42ae6b74d418c4d839600471718b62dfd7d812a9

    • SHA256

      e9fc11fa95dc1e95a2cd4ef86905acdd79cfb71ba4ff9912c8e46b59ed685e45

    • SHA512

      573bfcc3effcece86e5ef8f0e9a84e9dd523936ef9224861a0ff834d35fb7d662e965e13ed5265306549c61d4458c7687471f680d7bf217004590c118de15794

    • SSDEEP

      24576:w9o5l0aiDLYxvm6iugA1Ft3unH1jR49OLt1xJqkqFn/wS2mM4:6ql07DL4e6Fpj36Hz49OLt1xorh/1M4

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      plugin-deploy.jar

    • Size

      206KB

    • MD5

      02fe22caeb17a9d7c7f5c3914e3cda29

    • SHA1

      7e3293216263ab967ca6e9a3c55ba589444e3de7

    • SHA256

      0fba8eedb44faf95448ed7e25bcba48b49aa981e1e1e154fcbd90e48447813a4

    • SHA512

      020324dd3b38d6d75fbb54f18caf0bfdff38e27b0c18aa83989b53e9da96a6d6c780f281b21da8f1b41e3de1206306954dc9d1e42aa2dd12f500b66e04f4c647

    • SSDEEP

      6144:QVMQdIey/0Jl8L9umLtnWy6C0mNiEfWBm63:QVMbL/q2nL4g0mNXf7o

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Mobile v15

Tasks