Analysis
-
max time kernel
35s -
max time network
146s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
23-05-2024 12:28
General
-
Target
zzhy0407-备份.apk
-
Size
7.1MB
-
MD5
0c59a1e6996cd4038213bc4655db7fe3
-
SHA1
8c0e78e4381a479ac7b46594e8f39be6f7093e7e
-
SHA256
77b9a0c15465443fb48ff3168866488fa91c53aafce1f2e037d534830e488b0b
-
SHA512
70d5b16c414846544b5f22ec2a17e8be07bf5b67a9460544ce3e96a547060bedbc89fbf169a818afb200901a12206a84a84cce91540ff52c04603644b6c68cd7
-
SSDEEP
196608:iUywdHql/E+9DnF1pje32Se3wd+1BFmoSumks:iXl7BnDpe3J43PFvSumR
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.b2515912829.fig1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.b2515912829.fig/files/APICLOUD_INSTANCE_IDFilesize
32B
MD58e2b21157fff5cee2453d4bd306d5bc8
SHA1236c716fe292c38bc92789e973b62537beddf88b
SHA2568b2919bc48c0fee77758a2ffb05115d7746f7aedbb43b497e4cc2a17a4d6dfa7
SHA512e685154b4cd80c66684691e608e8eda66771620a0132e701ae8e942e37cef1e302e8206a44c18eb31fde780b8dc933be99f10fa57e05b94a2b72c84c960290f6