General
-
Target
vpn3000.apk
-
Size
11.8MB
-
Sample
240523-prdrcshg8z
-
MD5
25b615ad17a2c229cd2693a8124c2ab1
-
SHA1
116d18de7432390ca4b00d815e3319b58ae7d373
-
SHA256
3277e4ffaa712e938996baa02f765a82c804924dd3bd10f7a1467644770772da
-
SHA512
08dc1960b08e1a9a40803f876a44061e3c72de0dfdf799cd038c96c5cd6fb0d7d865cf8f162ae82d1cd12f30b37a0781f98a1db31dfde20c42e4cbd0e08c7189
-
SSDEEP
196608:EUcpeW0suT9yoqBwU00wrlya9NqlpuQsdzWc7yi0U56n521Cec58UxAMxlBD4K9c:E6Io0wr0acl22xR5CCwAfR4K9VO
Malware Config
Targets
-
-
Target
vpn3000.apk
-
Size
11.8MB
-
MD5
25b615ad17a2c229cd2693a8124c2ab1
-
SHA1
116d18de7432390ca4b00d815e3319b58ae7d373
-
SHA256
3277e4ffaa712e938996baa02f765a82c804924dd3bd10f7a1467644770772da
-
SHA512
08dc1960b08e1a9a40803f876a44061e3c72de0dfdf799cd038c96c5cd6fb0d7d865cf8f162ae82d1cd12f30b37a0781f98a1db31dfde20c42e4cbd0e08c7189
-
SSDEEP
196608:EUcpeW0suT9yoqBwU00wrlya9NqlpuQsdzWc7yi0U56n521Cec58UxAMxlBD4K9c:E6Io0wr0acl22xR5CCwAfR4K9VO
Score8/10-
Checks if the Android device is rooted.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Legitimate hosting services abused for malware hosting/C2
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks the presence of a debugger
-