Overview

overview

8

Static

static

6

com.visax.....0.apk

android-9-x86

8

com.visax.....0.apk

android-10-x64

8

com.visax.....0.apk

android-11-x64

8

Resubmissions

28/05/2024, 13:40

240528-qyxcqagg83 8

28/05/2024, 13:39

240528-qx8dlagg56 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    com.visax.varisa_3.0.apk

  • Size

    5.4MB

  • Sample

    240528-qx8dlagg56

  • MD5

    97b8df6a48145e6afaaaf4df5e204c07

  • SHA1

    dac8a2e72c453cc53c794a9d4d677bc20c845436

  • SHA256

    eca02a7dbca7a85c78bd76931bb7ae7a284f98009af7223b8c3c68ef095b7c50

  • SHA512

    361b676781075598907a749f428a18eeb36f01c2cc868dd538c686edbea470a07c4e4d8417ee43b8dc2ae1ab521bc0cfe47f1cd9e94c802eead9527679331ded

  • SSDEEP

    98304:pz4WDwYtM6CDZIvtVufuX/PYwP5rJuxzKZD2Q752J7/qkkerrxxi+tJPSWvv7QuX:lXvtMxmouXth1smZtVg/ZkerygQuX

Score
8/10
androidbankercollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      com.visax.varisa_3.0.apk

    • Size

      5.4MB

    • MD5

      97b8df6a48145e6afaaaf4df5e204c07

    • SHA1

      dac8a2e72c453cc53c794a9d4d677bc20c845436

    • SHA256

      eca02a7dbca7a85c78bd76931bb7ae7a284f98009af7223b8c3c68ef095b7c50

    • SHA512

      361b676781075598907a749f428a18eeb36f01c2cc868dd538c686edbea470a07c4e4d8417ee43b8dc2ae1ab521bc0cfe47f1cd9e94c802eead9527679331ded

    • SSDEEP

      98304:pz4WDwYtM6CDZIvtVufuX/PYwP5rJuxzKZD2Q752J7/qkkerrxxi+tJPSWvv7QuX:lXvtMxmouXth1smZtVg/ZkerygQuX

    Score
    8/10
    bankerdiscoveryevasionpersistencecollectioncredential_accessimpact

    • Checks if the Android device is rooted.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks