79458217354ae2bc62498ee3f61c73662f8b3baf8331a5c8e894ccc86294ae85 | Triage

Sharing

General

Target

1.21.0.03_arm64_patched.apk
Size

259.2MB
Sample

240709-d2cq9swflc
MD5

19f16135542d5ea52b19ca882f87f6ca
SHA1

c069545676c80fc2affd97a17b404958e97c99f0
SHA256

79458217354ae2bc62498ee3f61c73662f8b3baf8331a5c8e894ccc86294ae85
SHA512

09e695411f0e2a001900c4b8138ee14851cd5e668a40d24a8d505e5da9400264cfeb7b9134333e116bfca9035c6511e25faab625b76c9e67ce4b2a8cbaf9180a
SSDEEP

6291456:Jk3Rr3Qcotkqok1Ro/yGFcYndCSSyV8gzVP6ENKz:Jk3x3QcotkqokwyGFtCSrJVyMQ

Score

8^/10

android collection discovery evasion execution persistence

Malware Config

Targets

- Target
  
  1.21.0.03_arm64_patched.apk
- Size
  
  259.2MB
- MD5
  
  19f16135542d5ea52b19ca882f87f6ca
- SHA1
  
  c069545676c80fc2affd97a17b404958e97c99f0
- SHA256
  
  79458217354ae2bc62498ee3f61c73662f8b3baf8331a5c8e894ccc86294ae85
- SHA512
  
  09e695411f0e2a001900c4b8138ee14851cd5e668a40d24a8d505e5da9400264cfeb7b9134333e116bfca9035c6511e25faab625b76c9e67ce4b2a8cbaf9180a
- SSDEEP
  
  6291456:Jk3Rr3Qcotkqok1Ro/yGFcYndCSSyV8gzVP6ENKz:Jk3x3QcotkqokwyGFtCSrJVyMQ
Score

8^/10

collection discovery evasion execution persistence
- Checks if the Android device is rooted.
  evasion
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Acquires the wake lock
- Queries information about active data network
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Stored Application Data

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasionexecutionpersistence