af2fe81165ae6f9c3048ceadf1b43b6490c3a79121e9fc6fb0d62ca7e99e6ba4 | Triage

Sharing

General

Target

AF2FE81165AE6F9C3048CEADF1B43B6490C3A79121E9FC6FB0D62CA7E99E6BA4.apk
Size

3.2MB
Sample

240627-kekxpa1gnb
MD5

8d3b87db47fcd601bbadfb12621c86f4
SHA1

6d81952dc822d2c5d8834b6b882692d28711a31e
SHA256

af2fe81165ae6f9c3048ceadf1b43b6490c3a79121e9fc6fb0d62ca7e99e6ba4
SHA512

a808b897feb283989928da49809902dd9cb785bb682d59d648c0e7609848d09ee37572c1ef579d1e7de0b8662f905aa40d09e79be0758f3d229f7116494b77f2
SSDEEP

98304:chsQY/kKV8zIb4jV/nYfTh1XDhe7EJIXvgfxc:FQYvVlkjtgFe7EWXIfxc

Score

8^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  AF2FE81165AE6F9C3048CEADF1B43B6490C3A79121E9FC6FB0D62CA7E99E6BA4.apk
- Size
  
  3.2MB
- MD5
  
  8d3b87db47fcd601bbadfb12621c86f4
- SHA1
  
  6d81952dc822d2c5d8834b6b882692d28711a31e
- SHA256
  
  af2fe81165ae6f9c3048ceadf1b43b6490c3a79121e9fc6fb0d62ca7e99e6ba4
- SHA512
  
  a808b897feb283989928da49809902dd9cb785bb682d59d648c0e7609848d09ee37572c1ef579d1e7de0b8662f905aa40d09e79be0758f3d229f7116494b77f2
- SSDEEP
  
  98304:chsQY/kKV8zIb4jV/nYfTh1XDhe7EJIXvgfxc:FQYvVlkjtgFe7EWXIfxc
Score

8^/10

discovery persistence collection credential_access evasion impact
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryevasionimpact