General

  • Target

    0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.zip

  • Size

    13.5MB

  • Sample

    240902-kbeaqswdmp

  • MD5

    e89523b1b78b6496e7e16ced21cea221

  • SHA1

    17ff2697daaa243b9bd648ccf93f11558e612fea

  • SHA256

    c1a3932fcfab6a27b4da47f54ded6039cc1d258b32be8b3d13b94b4f8331469c

  • SHA512

    9944d98072ccf31f5af93edc37a33263ea07489f0943d33fa0362db8738070994ec2ac755ce31133734a21632f878c4c5f425b2506e54a778c0b769a53956e09

  • SSDEEP

    393216:/kl1/i7R7l06dNFCSZj7AcjhiEArG17i2gFAwUE:/sS7GPe7dUrs+NKE

Malware Config

Targets

    • Target

      0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.apk

    • Size

      16.0MB

    • MD5

      be5e2f074432526ef36156e82bb219cf

    • SHA1

      6cf0b782485e77218710fa024f1c11f122d84f60

    • SHA256

      0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0

    • SHA512

      84633c70391513b388cdaf77634e0c6a60d270be121bfef6d94cbcc5f88e34a929659d13d2f05348e83f56c356be3eb9dc9fc44fbeca8cf6637cc19cba8af845

    • SSDEEP

      393216:yf0YUtNuYwbvbaSafQ0Wejue+95sweOsjIYPaP:y9GNujbDaS4WeaeI5sqC8

    • Checks if the Android device is rooted.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks