General
-
Target
samsung.apk
-
Size
10.5MB
-
Sample
240524-p9hs2aec2y
-
MD5
5791c3af37f8e78432345ce974faee13
-
SHA1
f5845fe0748e814a52dc89214de728f9bd1decd0
-
SHA256
751d8019a05b7b3ae112ea3ec983a11122aa65d5a499a86c1f23343667ed4bdd
-
SHA512
852db2088bf950c0c3e0add6e8857e930c4da61533032220d83197a6214dc2692ac55a489778e08f9f955abd58f603517629756399f86911e92f8baf3c13153b
-
SSDEEP
196608:GAsDympsd6pXJkxNCj2ZkDBUk9BPDT9AE+FXYeL7WRLydT:GFew6uXMNC6aDBUsAD5YeLaRLK
Malware Config
Targets
-
-
Target
samsung.apk
-
Size
10.5MB
-
MD5
5791c3af37f8e78432345ce974faee13
-
SHA1
f5845fe0748e814a52dc89214de728f9bd1decd0
-
SHA256
751d8019a05b7b3ae112ea3ec983a11122aa65d5a499a86c1f23343667ed4bdd
-
SHA512
852db2088bf950c0c3e0add6e8857e930c4da61533032220d83197a6214dc2692ac55a489778e08f9f955abd58f603517629756399f86911e92f8baf3c13153b
-
SSDEEP
196608:GAsDympsd6pXJkxNCj2ZkDBUk9BPDT9AE+FXYeL7WRLydT:GFew6uXMNC6aDBUsAD5YeLaRLK
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks Android system properties for emulator presence.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-