Analysis
-
max time kernel
161s -
max time network
140s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
26-05-2024 12:58
General
-
Target
rsbd.1.7.apk
-
Size
6.9MB
-
MD5
274d646ebe3870bf4644d11febb1808a
-
SHA1
05257f0f6028283cbe5b698f6e160de3f82720f8
-
SHA256
0212839b0851fdfd17724d3b6854f1ffa4c23115bf3328ac45b5cb0fda8ce275
-
SHA512
48575d316ef0feadaaf088db059465121f6548c91c9adc677c2318f448f0111f3dc4fef315a372c4a47b01ec11bbe792961fc029ea78c8c92864a133b0ba63c6
-
SSDEEP
98304:Ko0D7CJe3sxNJ+kdkMdenwCryh1N2T5NO6yNhoTBm/zKwEcWL0v+PGyrS+jJ5Eiy:KjiJe8xaMSrVTjWoQrpEczv+OyrS+fw
Score
7/10
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks the presence of a debugger
Processes
-
net.yunshi360.rsbd1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)