General

  • Target

    GTASA AML1.1 FLA6.5.apk

  • Size

    18.2MB

  • Sample

    240604-afhhvafa37

  • MD5

    197d74dd79285809add3392f14231ba6

  • SHA1

    e8877efc655458ac7142fcc82a9afd7478cc2635

  • SHA256

    54c5b2a442be07e22c60155d05f7b6898b76119923bd178bc96fa458a4a00aaa

  • SHA512

    2b04cc3d5c36c7490a2ae0c2ea8a8e63e2cd9ced03e26987556dbb699348d4a71384065d4e2568a4c6602f0b0accf68d9ddf9e111fc94e7ba080c9d8912af541

  • SSDEEP

    393216:nB8gXNdHDKR1FZUIYw5M5FVaRN2uiE6iSuHVsYQ4KJo/RFMt33AhnkCTb78nSUML:B8gXNdmR18IYvaRHNT7Q4WZAhnkCjsSn

Targets

    • Target

      GTASA AML1.1 FLA6.5.apk

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Legitimate hosting services abused for malware hosting/C2

    • Listens for changes in the sensor environment (might be used to detect emulation)
