General

  • Target

    com.zlya.intfire.apk

  • Size

    12.9MB

  • Sample

    240523-qa283abh68

  • MD5

    71740901772cf9dfbfda3f4484d251cd

  • SHA1

    f2efed8f57978367fb9b6f5e39b948ae3fc33a93

  • SHA256

    9d01d2fbca0381a4823c073699ab5f9790228a19e26e481bac73061ef836d320

  • SHA512

    ccc555a47ab8c8301edf81ffc60b47c4c5025c0199270ab3cf55153e25c4464b3eaff48963bc4611da3cdf15df59d8e9a420437db8a7a1f40719ef9335a367aa

  • SSDEEP

    196608:+bHsnJz5FS6nPWE6N3q1HMiZ7ElDv3QvpB7I9rUmM+kf09LXHysSFCPbb4gn:+Ob46nhT5fZ7ccvpY91SCPP

Malware Config

Targets

    • Target

      com.zlya.intfire.apk

    • Size

      12.9MB

    • MD5

      71740901772cf9dfbfda3f4484d251cd

    • SHA1

      f2efed8f57978367fb9b6f5e39b948ae3fc33a93

    • SHA256

      9d01d2fbca0381a4823c073699ab5f9790228a19e26e481bac73061ef836d320

    • SHA512

      ccc555a47ab8c8301edf81ffc60b47c4c5025c0199270ab3cf55153e25c4464b3eaff48963bc4611da3cdf15df59d8e9a420437db8a7a1f40719ef9335a367aa

    • SSDEEP

      196608:+bHsnJz5FS6nPWE6N3q1HMiZ7ElDv3QvpB7I9rUmM+kf09LXHysSFCPbb4gn:+Ob46nhT5fZ7ccvpY91SCPP

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks