e78a8dff098c31bbbaa3f2f6321dc9d99a5dfb14278b0936169b590b737fa78b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

E78A8DFF098C31BBBAA3F2F6321DC9D99A5DFB14278B0936169B590B737FA78B.apk
Size

9.0MB
Sample

240627-j8rfwstckk
MD5

5a600a4de059b271fa8fc71206f8c91a
SHA1

eaf5035ed3017e1ee4c2853328adec7f20a4d2e1
SHA256

e78a8dff098c31bbbaa3f2f6321dc9d99a5dfb14278b0936169b590b737fa78b
SHA512

99bb188ca400be26c340976ba010864a886e8930adbf13f31c4b5c85033714fa94c9cbc76a6af7e0dd0168a92b4358477519ae015c40c9816d05f5a1a2640ae8
SSDEEP

196608:DYiOSyuYlCuJFbNuxe6ejx5YO7RRlxPxpYvY2aq7fELyiqegaJMwLfCSQwxyouf:DTyLCucM6IoOfxp07gFqNajLCSQwTuf

Score

8^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  E78A8DFF098C31BBBAA3F2F6321DC9D99A5DFB14278B0936169B590B737FA78B.apk
- Size
  
  9.0MB
- MD5
  
  5a600a4de059b271fa8fc71206f8c91a
- SHA1
  
  eaf5035ed3017e1ee4c2853328adec7f20a4d2e1
- SHA256
  
  e78a8dff098c31bbbaa3f2f6321dc9d99a5dfb14278b0936169b590b737fa78b
- SHA512
  
  99bb188ca400be26c340976ba010864a886e8930adbf13f31c4b5c85033714fa94c9cbc76a6af7e0dd0168a92b4358477519ae015c40c9816d05f5a1a2640ae8
- SSDEEP
  
  196608:DYiOSyuYlCuJFbNuxe6ejx5YO7RRlxPxpYvY2aq7fELyiqegaJMwLfCSQwxyouf:DTyLCucM6IoOfxp07gFqNajLCSQwTuf
Score

8^/10

discovery evasion impact persistence collection credential_access
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpact