afd3071567cef205e0c5c0d15e03f5d687b288b8aa9f2cc427d2af6c2346a161

Resubmissions

03-07-2024 22:10

240703-13hp8szerb 8

03-07-2024 20:22

240703-y5s8msxfrc 8

Sharing

Copy URL

Twitter E-mail

General

Target

18055337421.zip
Size

5.3MB
Sample

240703-y5s8msxfrc
MD5

8f39ab65771bde5dcf2f5d340de8c400
SHA1

af98269a8baf2f13ac87ca7dce0f7fe4f9236f44
SHA256

afd3071567cef205e0c5c0d15e03f5d687b288b8aa9f2cc427d2af6c2346a161
SHA512

fcf77e427f584c5c11511899d1ef05ea08126e954190004c75ac16d808b5a678c8c9b43c06755c5efe77cf7f837e1811febdec35bb6079bf290a280690de343b
SSDEEP

98304:LDDijn+F0SEu5GKIi8txowcI39O6XolpLE/35HgNxcC7C:LDCU0SpHT8txqm9O6YbLW35AICG

Score

8^/10

Malware Config

Targets

- Target
  
  40c3265fc0c4c11a794db83e6b34c97899c91ea7f74501287548e1b8724306fc
- Size
  
  3.2MB
- MD5
  
  9cfa43698582e8e4f8a4411b627b5900
- SHA1
  
  1fa961e710c8f6db15615132d11ef1888b31d0a2
- SHA256
  
  40c3265fc0c4c11a794db83e6b34c97899c91ea7f74501287548e1b8724306fc
- SHA512
  
  9c2cd73e20c5bcd2183bab8471dda306fca274afb3f787326a87a06307ca1b0e8e8579badbddc0d36872187591aed78c448293b3ed475401a071dce1085871de
- SSDEEP
  
  49152:M0xrsBBdFjDaONx+kJKt812WB0XPVAQI8HP7gA0v5DZQ5SmNZSabYdURbSKTvg7q:Rsnd4S/ZafV9vPY5USm7SeeUapttJ2
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3
- Target
  
  80c5d3b12385ae9255aaa4732a35eb352e2d09b7361462d059f6212c067d930f
- Size
  
  1.2MB
- MD5
  
  8b1cc053bc3bd45543548de89ed678bc
- SHA1
  
  c6723ccfa5e6f3f166012f2784f1779eff9fa86e
- SHA256
  
  80c5d3b12385ae9255aaa4732a35eb352e2d09b7361462d059f6212c067d930f
- SHA512
  
  af34a1fd90216a14deacf9a42b2c799fe50a097783bea28c734ca1a92c39616fc49b2eae9a128319777fc462f22a21edc0b82e5cf5414af2bb8097b7159e56db
- SSDEEP
  
  24576:e06szS5DvTcSmksiRYfZw8WlzPTyBALHCfwEQPsz1vE+yF1KTEggt:eFEYlYxw8UnyBu1EL03ggt
Score

7^/10

discovery evasion impact persistence collection credential_access
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral4 behavioral5 behavioral6
- Target
  
  f802b8b26060f5b1192179b085035c3eb0aebc9c83b6a29dbd6f7f998f391ee4
- Size
  
  1.2MB
- MD5
  
  1f5f8a2310d497225e67470bc796e4ee
- SHA1
  
  332d57b8d6ef40deb7882accfef5df3b2fb2b80b
- SHA256
  
  f802b8b26060f5b1192179b085035c3eb0aebc9c83b6a29dbd6f7f998f391ee4
- SHA512
  
  b3f742a01adfc3346c6e596896b82fef5c3575ff3374a29debd30a02cb6af0393fc5373a91e49faf417cec221a425f502781271f466f6c88e844752970aec3d3
- SSDEEP
  
  24576:G8KcQYAHjY+6bZQlY2C9C5kb6jMSo2fOlGjD2SYK6y49wsM7kwbkY:G8xAHjYkWj9RGjMSoidsCsM7F
Score

8^/10

discovery evasion impact persistence collection credential_access
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral7 behavioral8 behavioral9