General
-
Target
app1211684.apk
-
Size
12.2MB
-
Sample
240625-mwp9vayaqq
-
MD5
0c9685834174ec73159ce161da226907
-
SHA1
a205e808f00cae2bc00bda93906ed7eaa5e8b87c
-
SHA256
0cc56d2add55c6584921e8454308718b9f9e43bde581d8afd7e4d1a65bf6d3a4
-
SHA512
7e6bbef4acd6c030e45b42ef2c27cb5ea3e274098d3e344ed539357453c475eb4a4eae34394012fdaf41439869df34035010c190bfb644161364efd1841e5bcb
-
SSDEEP
196608:Uyd7pyOZ2AWlYijEnqV5CEfkzfZdXtw6TMxKvgOgajUwtCkZnqEcWtpUh:Ui7E4mZjq5Dtwc5vgsjUV
Malware Config
Targets
-
-
Target
app1211684.apk
-
Size
12.2MB
-
MD5
0c9685834174ec73159ce161da226907
-
SHA1
a205e808f00cae2bc00bda93906ed7eaa5e8b87c
-
SHA256
0cc56d2add55c6584921e8454308718b9f9e43bde581d8afd7e4d1a65bf6d3a4
-
SHA512
7e6bbef4acd6c030e45b42ef2c27cb5ea3e274098d3e344ed539357453c475eb4a4eae34394012fdaf41439869df34035010c190bfb644161364efd1841e5bcb
-
SSDEEP
196608:Uyd7pyOZ2AWlYijEnqV5CEfkzfZdXtw6TMxKvgOgajUwtCkZnqEcWtpUh:Ui7E4mZjq5Dtwc5vgsjUV
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3