General
-
Target
coocoo_whatsapp_WhatsAppGold_11971059_defalult_202306292034.apk
-
Size
77.2MB
-
Sample
240610-jcgltaee99
-
MD5
d59ed6167c900e44b0843b1bf0244379
-
SHA1
aa9ebf75f22d8daed955fc6ef8e198e4a455e826
-
SHA256
49fae67ce10a313c55609623186900dd36b2e479bb2ecd3b49e562dcf74d907b
-
SHA512
915059ad7fb84ba09ca1b9d46511c2628f2f85a6b06eb838582da75f1e20a1db43fc1a5b39497b08b2d39351b104c36824e1484556553c3952980bf00c60f8a1
-
SSDEEP
1572864:RwlVlUCxdGRXyt/at6Gb9JKZisc1HImbYZZW+jAthXoZCjrXS0O9kUxyy:R8/GRXytSt6GfK8skHIKYZZWpthXwGXU
Behavioral task
behavioral1
Sample
coocoo_whatsapp_WhatsAppGold_11971059_defalult_202306292034.apk
Resource
android-x86-arm-20240603-en
Malware Config
Targets
-
Target
coocoo_whatsapp_WhatsAppGold_11971059_defalult_202306292034.apk
-
Score
8/10
-
Checks if the Android device is rooted.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution: 1
  Broadcast Receivers: 1
  Scheduled Task/Job: 1
Defense Evasion
  Hide Artifacts: 1
  User Evasion: 1
  Virtualization/Sandbox Evasion: 3
  System Checks: 3