General

  • Target

    hexeditor.apk

  • Size

    3.9MB

  • Sample

    240817-hcddqavfpk

  • MD5

    3c7e5465ff66068f00989fdc9acc36e2

  • SHA1

    054d442c7497d220d673d73f6ea9fb4c04cf4707

  • SHA256

    cf2c8d900ff63b7e56d6d994066ef93dc94de5d07c8e8d7806c980fd3e5ce5ea

  • SHA512

    43b42a3fe729b449ac070ef7ed5aacb6ef9e3a3613a1e1b701f7477c6a5b9147e875ebd6e94868ad2dd36665319b4c5508f51714c440af681e89ecb4de849825

  • SSDEEP

    98304:KYtxPuU8bybHSDRSLds+Vx375CoaYHAvtdmbE8Du0ZM7DU4d:KYtxPSbybHSDRAVxLkVoAME8DZM7Df

Malware Config

Targets

    • Target

      hexeditor.apk

    • Checks if the Android device is rooted.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

MITRE ATT&CK Mobile v15

Tasks