General
-
Target
Danak-v0.68-qa.2.apk
-
Size
8.7MB
-
Sample
240523-prwxyaab28
-
MD5
0613b94a057a87b1a2f9ca7df4ffe1af
-
SHA1
2fbf3c47f31b0f4f61691d49ab8dd8bd499effcd
-
SHA256
4995801ec6eb570920a9c9541bfd04ba6828746327423cc4884d5a9cb5d5b2b2
-
SHA512
285d50ee64c444dbc36392f7136d0e4516ab63b10c833c59d390fa842cb772a258ae767efa6d49752ec15f2ae5424cddcaee2f75e1ed496bacd49d2dadc6e079
-
SSDEEP
196608:mjr+rIzHL9y6nQxncZPuaisclubF5HzmdHy+RHer4CP:S+UTLgsQxnquT4bDcS78CP
Malware Config
Targets
-
-
Target
Danak-v0.68-qa.2.apk
-
Size
8.7MB
-
MD5
0613b94a057a87b1a2f9ca7df4ffe1af
-
SHA1
2fbf3c47f31b0f4f61691d49ab8dd8bd499effcd
-
SHA256
4995801ec6eb570920a9c9541bfd04ba6828746327423cc4884d5a9cb5d5b2b2
-
SHA512
285d50ee64c444dbc36392f7136d0e4516ab63b10c833c59d390fa842cb772a258ae767efa6d49752ec15f2ae5424cddcaee2f75e1ed496bacd49d2dadc6e079
-
SSDEEP
196608:mjr+rIzHL9y6nQxncZPuaisclubF5HzmdHy+RHer4CP:S+UTLgsQxnquT4bDcS78CP
Score8/10-
Checks if the Android device is rooted.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-