General
-
Target
hack-app-data.apk
-
Size
6.4MB
-
Sample
240807-f53g7ssdmn
-
MD5
2a19b8bcfd9dfa131f495b127df0bf32
-
SHA1
e97b2b52cfc96a28a46cf615c69d74f4e1731a79
-
SHA256
540036d3f23c660326a4f4399f5ec3b50beaec69cf1bc2b6a3ac87d52ec132bc
-
SHA512
00c23970ebc98499eaa59f6269dbcb35f74678077d3bba25bfbc030fc735e9bb570bb8252f46087804acbe95c9cd619dc1d29d3b705a39652ca7b8b59b23642b
-
SSDEEP
196608:mJWuz0Ip2Emygq7JbchJiiTWjCA03ZtWFW:mpz3p2EQq7hcpdtT
Malware Config
Targets
-
-
Target
hack-app-data.apk
-
Size
6.4MB
-
MD5
2a19b8bcfd9dfa131f495b127df0bf32
-
SHA1
e97b2b52cfc96a28a46cf615c69d74f4e1731a79
-
SHA256
540036d3f23c660326a4f4399f5ec3b50beaec69cf1bc2b6a3ac87d52ec132bc
-
SHA512
00c23970ebc98499eaa59f6269dbcb35f74678077d3bba25bfbc030fc735e9bb570bb8252f46087804acbe95c9cd619dc1d29d3b705a39652ca7b8b59b23642b
-
SSDEEP
196608:mJWuz0Ip2Emygq7JbchJiiTWjCA03ZtWFW:mpz3p2EQq7hcpdtT
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1