Overview

overview

7

Static

static

6

Vanguard_G...ll.apk

android-9-x86

1

Vanguard_G...ll.apk

android-13-x64

1

origin.apk

android-9-x86

7

origin.apk

android-10-x64

7

origin.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Vanguard_Group_2.0_r_kill.apk

  • Size

    6.5MB

  • Sample

    240524-p6ra1adh2t

  • MD5

    e7406474b3b51d9a718769d9e7ce1910

  • SHA1

    9b4d12d1a9350a11b342542f3e8507120406f51b

  • SHA256

    cfd22fdb18d49dc85b72463380eceec8c78439dfc09d396f79f3c27b72c78512

  • SHA512

    0d1dc2e5d12c2fd41ec879a1975c03dc3bdf651d6c053d44289a3a139238543542cc5c4ff7ae4ca713b2fe0b60f7e6654fd906ddb3a1a3582a27f15698455b74

  • SSDEEP

    98304:8xTiqm92aVRbQ9cvCo2SCcGQUkkeeTiqm92aVRbQ9cvCo2SCcGQUkkLv:8ZRQTbhvK8keGRQTbhvK8kLv

Score
7/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      Vanguard_Group_2.0_r_kill.apk

    • Size

      6.5MB

    • MD5

      e7406474b3b51d9a718769d9e7ce1910

    • SHA1

      9b4d12d1a9350a11b342542f3e8507120406f51b

    • SHA256

      cfd22fdb18d49dc85b72463380eceec8c78439dfc09d396f79f3c27b72c78512

    • SHA512

      0d1dc2e5d12c2fd41ec879a1975c03dc3bdf651d6c053d44289a3a139238543542cc5c4ff7ae4ca713b2fe0b60f7e6654fd906ddb3a1a3582a27f15698455b74

    • SSDEEP

      98304:8xTiqm92aVRbQ9cvCo2SCcGQUkkeeTiqm92aVRbQ9cvCo2SCcGQUkkLv:8ZRQTbhvK8keGRQTbhvK8kLv

    Score
    1/10
    behavioral1behavioral2

    • Target

      origin.apk

    • Size

      3.3MB

    • MD5

      fc1c8fc279e20bb9991caa991964d111

    • SHA1

      a85f47baa878b0453abfd39b139eb085f474502d

    • SHA256

      1f8b90ceb13e0d9103d3adedf1eafb026c7223dd5bce4fae8d56d719e19f478f

    • SHA512

      6b028ecd17fb5b65cf455cb18999617418a9c139a2d4f6f9bcbf189640df3635e30bd44b76c7d9cd592a6d6e1822993e7e0a745eaa9e8f58192356b2464aca8b

    • SSDEEP

      49152:ypTiqNCp92ell5BOI9RbxEp9cvCQxz2/q0/5iGQ5mxp9aBkB5GcZgb1:YTiqm92aVRbQ9cvCo2SCcGQUkkej

    Score
    7/10
    discoveryevasionpersistencecollectioncredential_accessimpact

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery
    behavioral3behavioral4behavioral5

MITRE ATT&CK Matrix

Tasks