General

  • Target

    coocoo_whatsapp_WhatsAppGold_11971059_defalult_202306292034.apk

  • Size

    77.2MB

  • Sample

    240611-m7emgsvfjl

  • MD5

    d59ed6167c900e44b0843b1bf0244379

  • SHA1

    aa9ebf75f22d8daed955fc6ef8e198e4a455e826

  • SHA256

    49fae67ce10a313c55609623186900dd36b2e479bb2ecd3b49e562dcf74d907b

  • SHA512

    915059ad7fb84ba09ca1b9d46511c2628f2f85a6b06eb838582da75f1e20a1db43fc1a5b39497b08b2d39351b104c36824e1484556553c3952980bf00c60f8a1

  • SSDEEP

    1572864:RwlVlUCxdGRXyt/at6Gb9JKZisc1HImbYZZW+jAthXoZCjrXS0O9kUxyy:R8/GRXytSt6GfK8skHIKYZZWpthXwGXU

Malware Config

Targets

    • Target

      coocoo_whatsapp_WhatsAppGold_11971059_defalult_202306292034.apk

    • Size

      77.2MB

    • MD5

      d59ed6167c900e44b0843b1bf0244379

    • SHA1

      aa9ebf75f22d8daed955fc6ef8e198e4a455e826

    • SHA256

      49fae67ce10a313c55609623186900dd36b2e479bb2ecd3b49e562dcf74d907b

    • SHA512

      915059ad7fb84ba09ca1b9d46511c2628f2f85a6b06eb838582da75f1e20a1db43fc1a5b39497b08b2d39351b104c36824e1484556553c3952980bf00c60f8a1

    • SSDEEP

      1572864:RwlVlUCxdGRXyt/at6Gb9JKZisc1HImbYZZW+jAthXoZCjrXS0O9kUxyy:R8/GRXytSt6GfK8skHIKYZZWpthXwGXU

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks