antidot | 230f53253482d5c1cbd464b50ef0f05b0f8c12e6215583eb91165074e250801f | Triage

Sharing

General

Target

app-game-release.apk
Size

28.0MB
Sample

240703-1bxebayhlf
MD5

531a999bf01645c501626eb321dbde93
SHA1

60d41ac0eaecdbebce7b3979b48e08097505efed
SHA256

230f53253482d5c1cbd464b50ef0f05b0f8c12e6215583eb91165074e250801f
SHA512

a4087b5148f559f24b116ec7d8807fbeb4d2212b9917c67285afee32c9d6f174e39145c02f514ce379273f2b918ef448e6ef1dc0983da2f34ea5b7f81a2fb372
SSDEEP

786432:JvQVGBbQCZX/lQ+aXTTFDh3MJbzhAjbkVVrGbS:JQUU0XNQRh3CbVIbI9

Score

10^/10

antidot android discovery evasion persistence

Malware Config

Targets

- Target
  
  app-game-release.apk
- Size
  
  28.0MB
- MD5
  
  531a999bf01645c501626eb321dbde93
- SHA1
  
  60d41ac0eaecdbebce7b3979b48e08097505efed
- SHA256
  
  230f53253482d5c1cbd464b50ef0f05b0f8c12e6215583eb91165074e250801f
- SHA512
  
  a4087b5148f559f24b116ec7d8807fbeb4d2212b9917c67285afee32c9d6f174e39145c02f514ce379273f2b918ef448e6ef1dc0983da2f34ea5b7f81a2fb372
- SSDEEP
  
  786432:JvQVGBbQCZX/lQ+aXTTFDh3MJbzhAjbkVVrGbS:JQUU0XNQRh3CbVIbI9
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks Android system properties for emulator presence.
  evasion
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence