General
-
Target
app-release (2).apk
-
Size
10.8MB
-
Sample
240825-bdhlhazcnd
-
MD5
b050ca35284f8f18ae40df60019c1af5
-
SHA1
48cf04186423649722c62cea18d6ef4a68fd5e8a
-
SHA256
b198fa81ccf06c24db1ec382b094283a0ec0b7802c2472dc96cfad1128f421b6
-
SHA512
a653951ad91d729d7970f9e434cf98a86069fc5b24917a04a6723a3d8ada3723d5b3453bde0f9787831ac214fb39e2648ab8e86bd857e9b93867ff8a37579805
-
SSDEEP
196608:mPtQMO0OBsAXkhD8j5UBlROcGjUU4q36nqPElXIGraV7qUet47Mt:mlQRFkhD8jA+lQqKnqPodPUetj
Malware Config
Targets
-
-
Target
app-release (2).apk
-
Size
10.8MB
-
MD5
b050ca35284f8f18ae40df60019c1af5
-
SHA1
48cf04186423649722c62cea18d6ef4a68fd5e8a
-
SHA256
b198fa81ccf06c24db1ec382b094283a0ec0b7802c2472dc96cfad1128f421b6
-
SHA512
a653951ad91d729d7970f9e434cf98a86069fc5b24917a04a6723a3d8ada3723d5b3453bde0f9787831ac214fb39e2648ab8e86bd857e9b93867ff8a37579805
-
SSDEEP
196608:mPtQMO0OBsAXkhD8j5UBlROcGjUU4q36nqPElXIGraV7qUet47Mt:mlQRFkhD8jA+lQqKnqPodPUetj
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3