General
-
Target
Aliucord.apk
-
Size
110.8MB
-
Sample
240618-s52bcstgmk
-
MD5
6edc0b741f73ffc963e1ec4b3d842c5b
-
SHA1
fd33e311d6b12ed466d625ebb66e31cde46f570c
-
SHA256
bfa2fd5ac16c58752f19d6f6800ad09c87f5b4d62cb67c167a4e23158506aafc
-
SHA512
95fa993541baad12924e2dae971240f37a7e8b3664ab8e0dcb26b4706aa8600f91611141ab24feafd18de8a9dedf5539bdd477a5e44c0876e87ebc160abd5056
-
SSDEEP
1572864:GDCCktdz78pr9qZJAQEBlcByxj4Caj+nJqORtgI3AK7bV2K:yCCktdz78VCIBKwHaj+n3tg5IV2K
Static task
static1
Behavioral task
behavioral1
Sample
Aliucord.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
Aliucord.apk
Resource
android-33-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
Aliucord.apk
-
Score
8/10
-
Checks if the Android device is rooted.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Reads the content of photos stored on the user's device.
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Checks the presence of a debugger
-
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Download New Code at Runtime (1)
Foreground Persistence (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)