General
-
Target
FMWhatsApp_v10.06.apk
-
Size
76.3MB
-
Sample
240601-vn4fhaaa85
-
MD5
bf97889a83a3502537b75a838e2dfbcb
-
SHA1
2fd399cdac741394ccfbc4c3b0830d224493b6f1
-
SHA256
8e23d2a47a28f012c3a0f41657cab8ba3930a3f56786e7b12598b194f1721e01
-
SHA512
2750cff9a4671609f7abec642f83def3aba81a3cdc179a1c507c0eb4d5e05265616f5b084f58cfe44ace746b0df2dfeaac74fc5ee5cd042cab858e7bfb351729
-
SSDEEP
1572864:V1oJUAOLAjIo0dVZPapJHhbozNd4TpQnJH/JgQhDJdVk:YNR0dTQJoRu8fSQhbVk
Malware Config
Targets
-
-
Target
FMWhatsApp_v10.06.apk
-
Patched UPX-packed file
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about the phone's network operator
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.