cd810f409bab3f549797d70798ff32d3b3afd2b814540d40c442ef59960d4275 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

exteraGram-arm64-v8a-01012024.apk
Size

43.2MB
Sample

240901-qhh56a1glm
MD5

68cbbb85ea030ea79d323f2fe62975b2
SHA1

0cdf498b81aa171c4298c7cf3b7311a9ced9c616
SHA256

cd810f409bab3f549797d70798ff32d3b3afd2b814540d40c442ef59960d4275
SHA512

9c081dfb9b0fc2ab2985095ed7f8659ca75097ddae31c765d311cf539a5b5841b940ab7abe14f1dd35882ec2e88c02eacffbafbc551d3c02afb109654b01e02e
SSDEEP

786432:IxI/2iu/mvhxSTvSGWD0VIqrW75N4gtiqhH3E54KsHqnII4DpBNChCpTid:X3STvVWI/oUgHX0a4ov66id

Score

8^/10

android discovery evasion

Malware Config

Targets

- Target
  
  exteraGram-arm64-v8a-01012024.apk
- Size
  
  43.2MB
- MD5
  
  68cbbb85ea030ea79d323f2fe62975b2
- SHA1
  
  0cdf498b81aa171c4298c7cf3b7311a9ced9c616
- SHA256
  
  cd810f409bab3f549797d70798ff32d3b3afd2b814540d40c442ef59960d4275
- SHA512
  
  9c081dfb9b0fc2ab2985095ed7f8659ca75097ddae31c765d311cf539a5b5841b940ab7abe14f1dd35882ec2e88c02eacffbafbc551d3c02afb109654b01e02e
- SSDEEP
  
  786432:IxI/2iu/mvhxSTvSGWD0VIqrW75N4gtiqhH3E54KsHqnII4DpBNChCpTid:X3STvVWI/oUgHX0a4ov66id
Score

8^/10

discovery evasion
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion