General
-
Target
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
-
Size
11.9MB
-
Sample
240815-19jacasflm
-
MD5
f2cc29dad8d228009d8ba0427e80d862
-
SHA1
67833d6b9da1dadd22e523ecd7057e52fa8dcdd0
-
SHA256
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
-
SHA512
7e6d3c37672c23cd3512fb951e3c184aebf5e6ea99eaafaf6f33731f9dafd9fa953556fd453b2abd5a5a368ba999d30e3fcd1aa952fc48670a8fd38c480c1d51
-
SSDEEP
196608:BV1DluXHrLs5k01rFQRRwanrEheTOFoxSMh6D/OkuJ0Dt0L+4zFzSvu4+9Coq12N:BLDoXLLs57rFUyeqFQ9eOkuJQtuh5F4C
Behavioral task
behavioral1
Sample
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
-
Size
11.9MB
-
MD5
f2cc29dad8d228009d8ba0427e80d862
-
SHA1
67833d6b9da1dadd22e523ecd7057e52fa8dcdd0
-
SHA256
a1647fd5225a321a2fd16e3a08cc2b4bfed6e645ccc1ab3d854d5ecd9bc3b633
-
SHA512
7e6d3c37672c23cd3512fb951e3c184aebf5e6ea99eaafaf6f33731f9dafd9fa953556fd453b2abd5a5a368ba999d30e3fcd1aa952fc48670a8fd38c480c1d51
-
SSDEEP
196608:BV1DluXHrLs5k01rFQRRwanrEheTOFoxSMh6D/OkuJ0Dt0L+4zFzSvu4+9Coq12N:BLDoXLLs57rFUyeqFQ9eOkuJQtuh5F4C
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
4System Checks
4