64d34fb27f07b218edaec674fcbb3898cf8b0163fced0c101a23324983d53d98 | Triage

Sharing

General

Target

64D34FB27F07B218EDAEC674FCBB3898CF8B0163FCED0C101A23324983D53D98.apk
Size

4.5MB
Sample

240627-j9jsfatcrn
MD5

c39b1265be1423c94e2954c4abedd167
SHA1

f84dc00d9413fb49fe2b5a2d417af2d5117b5456
SHA256

64d34fb27f07b218edaec674fcbb3898cf8b0163fced0c101a23324983d53d98
SHA512

85430d2d60faac4419641dee0545849b1de3ca94eb608e462935961cb4e434b08a6fe882d44755b093a358eb47208c192151a75b4f7150bda9c5ff568b96fd2c
SSDEEP

98304:PJHC1SPxdqEV4x+4T+EIi2o8OgKQw2v8QwsEj6unR+FZ9lE5N:QSZV4Qmb18m6MMtlI

Score

8^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  64D34FB27F07B218EDAEC674FCBB3898CF8B0163FCED0C101A23324983D53D98.apk
- Size
  
  4.5MB
- MD5
  
  c39b1265be1423c94e2954c4abedd167
- SHA1
  
  f84dc00d9413fb49fe2b5a2d417af2d5117b5456
- SHA256
  
  64d34fb27f07b218edaec674fcbb3898cf8b0163fced0c101a23324983d53d98
- SHA512
  
  85430d2d60faac4419641dee0545849b1de3ca94eb608e462935961cb4e434b08a6fe882d44755b093a358eb47208c192151a75b4f7150bda9c5ff568b96fd2c
- SSDEEP
  
  98304:PJHC1SPxdqEV4x+4T+EIi2o8OgKQw2v8QwsEj6unR+FZ9lE5N:QSZV4Qmb18m6MMtlI
Score

8^/10

discovery evasion persistence collection credential_access impact
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryevasionimpact