0614226cde4e557699919924f92df3ef72ed24f396b21b333803436ba7a59130 | Triage

Sharing

General

Target

tsuki-odyssey-1.9.79-mod.apk
Size

573.6MB
Sample

240601-gwsr3scc9w
MD5

f741a1484ecd9f86373fc552cde9b12b
SHA1

929fa42c2916acc100942bb76f5358783a140bfa
SHA256

0614226cde4e557699919924f92df3ef72ed24f396b21b333803436ba7a59130
SHA512

6d7a92b447bee78afcfe5a1e3c41d06ed0816dde54e65baed35253965a383fbed0269f9ca2c688440e9b3c153c4dc1decd826ace5be8fb3c9bdabdcf5bae3433
SSDEEP

12582912:a104oF7GOgGkESuYWGwzZYFyIDOLtZmSyM:R7GpESuYWFzZYFyKOB7

Score

8^/10

android discovery evasion

Malware Config

Targets

- Target
  
  tsuki-odyssey-1.9.79-mod.apk
- Size
  
  573.6MB
- MD5
  
  f741a1484ecd9f86373fc552cde9b12b
- SHA1
  
  929fa42c2916acc100942bb76f5358783a140bfa
- SHA256
  
  0614226cde4e557699919924f92df3ef72ed24f396b21b333803436ba7a59130
- SHA512
  
  6d7a92b447bee78afcfe5a1e3c41d06ed0816dde54e65baed35253965a383fbed0269f9ca2c688440e9b3c153c4dc1decd826ace5be8fb3c9bdabdcf5bae3433
- SSDEEP
  
  12582912:a104oF7GOgGkESuYWGwzZYFyIDOLtZmSyM:R7GpESuYWFzZYFyKOB7
Score

8^/10

discovery evasion
- Checks if the Android device is rooted.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion

behavioral3