Overview

overview

10

Static

static

10

daa7874459...1c.apk

android-9-x86

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    daa78744599ce43d41e3a7c99ffe676642f763855ff9bfb39e12a2a9229a2c1c

  • Size

    8.5MB

  • Sample

    240524-ptefnsce72

  • MD5

    557f116f9686f6e766cba9e87448961b

  • SHA1

    a5eef5cf8bbbd5d14b5960240f535c20988094a9

  • SHA256

    daa78744599ce43d41e3a7c99ffe676642f763855ff9bfb39e12a2a9229a2c1c

  • SHA512

    95a7ece1dce844964b84b5402bf523d4a3c0044efbdd9a7c55c2bcea89092d4932ed1224276bd1260db05d862f52e942a5e2600b73a5fa3d95bcebada259a0ce

  • SSDEEP

    98304:S/W1A9XMxaaBgv64eolPT7JWkPGKFEG9IcMMIcAXWhMPVakh7apeRsMuhlv/7OxI:8eA1MF/suKeOIzwlMPNMpeRjO37+DsCY

Score
10/10
smswormandroiddiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      daa78744599ce43d41e3a7c99ffe676642f763855ff9bfb39e12a2a9229a2c1c

    • Size

      8.5MB

    • MD5

      557f116f9686f6e766cba9e87448961b

    • SHA1

      a5eef5cf8bbbd5d14b5960240f535c20988094a9

    • SHA256

      daa78744599ce43d41e3a7c99ffe676642f763855ff9bfb39e12a2a9229a2c1c

    • SHA512

      95a7ece1dce844964b84b5402bf523d4a3c0044efbdd9a7c55c2bcea89092d4932ed1224276bd1260db05d862f52e942a5e2600b73a5fa3d95bcebada259a0ce

    • SSDEEP

      98304:S/W1A9XMxaaBgv64eolPT7JWkPGKFEG9IcMMIcAXWhMPVakh7apeRsMuhlv/7OxI:8eA1MF/suKeOIzwlMPNMpeRjO37+DsCY

    Score
    7/10
    discoveryevasionexecutionimpactpersistence

    • Checks Android system properties for emulator presence.

      evasion

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence
    behavioral1

MITRE ATT&CK Mobile v15

Tasks