fe9f351cdfc63e22263e05af489538ced6b0891afdf8d778128849275344c6a5 | Triage

Resubmissions

14-09-2024 16:34

240914-t3a7tstcml 6

14-09-2024 16:33

240914-t2ylqstgph 7

14-09-2024 16:32

240914-t2ehvstbrp 6

14-09-2024 16:32

240914-t128jatgmd 7

Sharing

General

Target

kanade-armeabi-v7a-v0.5.0.apk
Size

9.9MB
Sample

240914-t2ylqstgph
MD5

1c139a009f71675a9fe4cf8b5b54a5c2
SHA1

8deb9f4739597aa8554e919a8364cecdb7183390
SHA256

fe9f351cdfc63e22263e05af489538ced6b0891afdf8d778128849275344c6a5
SHA512

8c9d40e95c752a553e5d3252c016e7fbe4a1705d40dbb5ad2760b5c357a25fa14697f3d43685535d757519e914d9804ab058aa4733866044e4a49311a6c1d0bb
SSDEEP

196608:puEnHcv9OBK/f8CDG6LGPqqIZV5sRdzpjE8cTKxk0hbQ444F9rR/NzeiREF+R:pu2cv9OBK38CCWn5Ap7c2o44CxRRa+R

Score

7^/10

android banker discovery persistence

Malware Config

Targets

- Target
  
  kanade-armeabi-v7a-v0.5.0.apk
- Size
  
  9.9MB
- MD5
  
  1c139a009f71675a9fe4cf8b5b54a5c2
- SHA1
  
  8deb9f4739597aa8554e919a8364cecdb7183390
- SHA256
  
  fe9f351cdfc63e22263e05af489538ced6b0891afdf8d778128849275344c6a5
- SHA512
  
  8c9d40e95c752a553e5d3252c016e7fbe4a1705d40dbb5ad2760b5c357a25fa14697f3d43685535d757519e914d9804ab058aa4733866044e4a49311a6c1d0bb
- SSDEEP
  
  196608:puEnHcv9OBK/f8CDG6LGPqqIZV5sRdzpjE8cTKxk0hbQ444F9rR/NzeiREF+R:pu2cv9OBK38CCWn5Ap7c2o44CxRRa+R
Score

7^/10

banker discovery persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoverypersistence