antidot | dd5c87b925a0c29b9f7767c7e4704a50d91aee0db428cdf25ca87f1ca9b66172 | Triage

Sharing

General

Target

hotmoviesv3.618adultcontentpremiummodapkcrackshash.apk
Size

5.3MB
Sample

240918-w5d3lsxanr
MD5

65e0a4f776a2c8c2da5bead2b983c10f
SHA1

04fbdefecfbd10cbb79082d60d2cc6ef657c6c51
SHA256

dd5c87b925a0c29b9f7767c7e4704a50d91aee0db428cdf25ca87f1ca9b66172
SHA512

b061fce29d06d91b54ebaaa2213d22f596eeb442b979b982f5a3e868a22e0a358891ae299e910de39b2e063ec149225babbdb72ba4fae294bccdc0b669c4fa0d
SSDEEP

98304:e7a517r0+hh0xvIpRIZKR7ls25aQlQ9btgx4S1XX+OCvibXXWRwBmOQzJOmjMq:aC17rbgGHZmQ40XXieN6Mq

Score

10^/10

antidot android discovery evasion execution persistence

Malware Config

Targets

- Target
  
  hotmoviesv3.618adultcontentpremiummodapkcrackshash.apk
- Size
  
  5.3MB
- MD5
  
  65e0a4f776a2c8c2da5bead2b983c10f
- SHA1
  
  04fbdefecfbd10cbb79082d60d2cc6ef657c6c51
- SHA256
  
  dd5c87b925a0c29b9f7767c7e4704a50d91aee0db428cdf25ca87f1ca9b66172
- SHA512
  
  b061fce29d06d91b54ebaaa2213d22f596eeb442b979b982f5a3e868a22e0a358891ae299e910de39b2e063ec149225babbdb72ba4fae294bccdc0b669c4fa0d
- SSDEEP
  
  98304:e7a517r0+hh0xvIpRIZKR7ls25aQlQ9btgx4S1XX+OCvibXXWRwBmOQzJOmjMq:aC17rbgGHZmQ40XXieN6Mq
Score

8^/10

discovery evasion execution persistence
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionexecutionpersistence

behavioral2

discoveryevasionpersistence

behavioral3

discoveryevasion