General
-
Target
Danak-v0.68-qa.3.apk
-
Size
8.7MB
-
Sample
240523-pqmb4shh89
-
MD5
10b7ee902313e9e321c88c8cf4d27f19
-
SHA1
51b3dc1dbb4909ec628f02b5b612b0df415bcb73
-
SHA256
59bd63c6e74dc3df3e141ee28c61d4330ddb90c9712ff3c505baba50d1187f73
-
SHA512
7d79a0a428c551ec4112b06d5dfaf4264194ec9a5437c600e886649e384fb7d12fa990c8fcb1ad7fc80d77bd0e12a31f9a166586ec6d28307c5329d6ec9a1f84
-
SSDEEP
196608:vjr+rIzHL9y6nQxncZPSHCWpVfCCL1RGQppHy+RHer4gb2:n+UTLgsQxnqSHtnL2QppS78gb2
Malware Config
Targets
-
-
Target
Danak-v0.68-qa.3.apk
-
Size
8.7MB
-
MD5
10b7ee902313e9e321c88c8cf4d27f19
-
SHA1
51b3dc1dbb4909ec628f02b5b612b0df415bcb73
-
SHA256
59bd63c6e74dc3df3e141ee28c61d4330ddb90c9712ff3c505baba50d1187f73
-
SHA512
7d79a0a428c551ec4112b06d5dfaf4264194ec9a5437c600e886649e384fb7d12fa990c8fcb1ad7fc80d77bd0e12a31f9a166586ec6d28307c5329d6ec9a1f84
-
SSDEEP
196608:vjr+rIzHL9y6nQxncZPSHCWpVfCCL1RGQppHy+RHer4gb2:n+UTLgsQxnqSHtnL2QppS78gb2
Score8/10-
Checks if the Android device is rooted.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-