General

  • Target

    GolgeTV-PLUS-1.2.7.apk

  • Size

    4.3MB

  • Sample

    240603-shffdabf29

  • MD5

    35b8a0221ca6dd2cef4c57c5ecfc44ae

  • SHA1

    09fd6208be9dd7eab3abd020168668e105e65ecd

  • SHA256

    d45d435a278e9ea1729cac26403f2331cba88bc429b997cd5324e20e4fbaa169

  • SHA512

    7b5ba2684e28b3a98f1c6c46baee22124e6c8b8f69909c47365b9b618a5c95a7f940130da5cbb73376686abf028c7611418883e7321a9786913eecc955bc13f9

  • SSDEEP

    98304:87E0g9oYwFf6Wy7MO3b4ddkeFH2x1KBG4fr0mr0wC3:sE05BKj3bNPkHrBC3

Malware Config

Targets

    • Target

      GolgeTV-PLUS-1.2.7.apk

    • Size

      4.3MB

    • MD5

      35b8a0221ca6dd2cef4c57c5ecfc44ae

    • SHA1

      09fd6208be9dd7eab3abd020168668e105e65ecd

    • SHA256

      d45d435a278e9ea1729cac26403f2331cba88bc429b997cd5324e20e4fbaa169

    • SHA512

      7b5ba2684e28b3a98f1c6c46baee22124e6c8b8f69909c47365b9b618a5c95a7f940130da5cbb73376686abf028c7611418883e7321a9786913eecc955bc13f9

    • SSDEEP

      98304:87E0g9oYwFf6Wy7MO3b4ddkeFH2x1KBG4fr0mr0wC3:sE05BKj3bNPkHrBC3

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Checks if the internet connection is available

    • Legitimate hosting services abused for malware hosting/C2

    • Reads information about phone network operator.

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks