0789c62609e473d37e99e0370a3654f06867f06bb49779bddcf450fe3b22c370 | Triage

Resubmissions

15/09/2024, 04:51

240915-fg1cyawfpc 8

Sharing

Copy URL Twitter E-mail

General

Target

anilab-latest.apk
Size

17.3MB
Sample

240915-fg1cyawfpc
MD5

15dd11ebf0949a950ad522eb84279a2f
SHA1

9342130543bc4987cb12148fd1064f45e7df4fa0
SHA256

0789c62609e473d37e99e0370a3654f06867f06bb49779bddcf450fe3b22c370
SHA512

98935ada32bb59e1d74a78ffd980c70080b132a9e4e9d38988c4323ca13ed3e23a8879be61b67d3b23daea50e8d49b45ceb2705a3042d5af615bd64a16056f41
SSDEEP

196608:st7kvKs34iHv92yNr1+7XPLxxjGkKilmiNEbNcDnD+YnOMYkAkmGF:sBkSpe2+r1+LV/lJyWCr9A

Score

8^/10

android discovery evasion execution impact persistence

Malware Config

Targets

- Target
  
  anilab-latest.apk
- Size
  
  17.3MB
- MD5
  
  15dd11ebf0949a950ad522eb84279a2f
- SHA1
  
  9342130543bc4987cb12148fd1064f45e7df4fa0
- SHA256
  
  0789c62609e473d37e99e0370a3654f06867f06bb49779bddcf450fe3b22c370
- SHA512
  
  98935ada32bb59e1d74a78ffd980c70080b132a9e4e9d38988c4323ca13ed3e23a8879be61b67d3b23daea50e8d49b45ceb2705a3042d5af615bd64a16056f41
- SSDEEP
  
  196608:st7kvKs34iHv92yNr1+7XPLxxjGkKilmiNEbNcDnD+YnOMYkAkmGF:sBkSpe2+r1+LV/lJyWCr9A
Score

8^/10

discovery evasion execution impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionexecutionimpactpersistence