General
-
Target
2.apk
-
Size
14.5MB
-
Sample
240523-pxrv6saf64
-
MD5
a3d241bd45ef4dfed526a913a103e3ea
-
SHA1
7678886043841fe0b8320ff68c2d0c6beca2dc98
-
SHA256
b631229d7c9ba7864ecbe95f5599ec76e9dd1db7f242c57a47969b0602a15e53
-
SHA512
7a3145ade31bf606eb3c1b1af7368797fad3500c2eceebe18b1bdf89aad26a5839ebff387fa36b98d3456719ada37e7d2bc0bc8aaf4cd950e9c5505da63bd1a5
-
SSDEEP
393216:YYsLq2lQKg45MLxCMHEQfUNmeBhhvjBxvsPh509n5a0hJLbjz/:YYmq0Q054kUJfkBXjBxvtJ5aGLPT
Malware Config
Targets
-
-
Target
2.apk
-
Size
14.5MB
-
MD5
a3d241bd45ef4dfed526a913a103e3ea
-
SHA1
7678886043841fe0b8320ff68c2d0c6beca2dc98
-
SHA256
b631229d7c9ba7864ecbe95f5599ec76e9dd1db7f242c57a47969b0602a15e53
-
SHA512
7a3145ade31bf606eb3c1b1af7368797fad3500c2eceebe18b1bdf89aad26a5839ebff387fa36b98d3456719ada37e7d2bc0bc8aaf4cd950e9c5505da63bd1a5
-
SSDEEP
393216:YYsLq2lQKg45MLxCMHEQfUNmeBhhvjBxvsPh509n5a0hJLbjz/:YYmq0Q054kUJfkBXjBxvtJ5aGLPT
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-