General
Target: legion_anime_66.apk
Size: 26.9MB
Sample: 240925-tnr7ssvbmj
MD5: f2f58be6ce3a0788f0df6d9072d0d750
SHA1: 6e796d654ea41bc6df55a693187cbd496d1a4d73
SHA256: 10781f708b988be37cc796901d19cddf1422fccbff49917d41d9a3d6226e67ce
SHA512: 93eb47d4f76f5f121c39e9c50cbcdf21829aeae2807a16af32331bcd4612a973e56f38cd59998e0b2d9bbced73de4d83556fb159d7c963bef9f61573d57aaf41
SSDEEP: 786432:JLZtr61ip3afTgiJviOgMXPSv5sd7095Pchtd:vN6SKfJKOg4PShGNtd
Static task: static1
Behavioral task: behavioral1
  Sample: legion_anime_66.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: legion_anime_66.apk
  Resource: android-33-x64-arm64-20240624-en
Malware Config
Targets
Target: legion_anime_66.apk
Score: 8/10
- Checks if the Android device is rooted.
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
- Acquires the wake lock
- Legitimate hosting services abused for malware hosting/C2
- Queries information about active data network
- Queries the mobile country code (MCC)
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution: 1
- Broadcast Receivers: 1
- Scheduled Task/Job: 1
Defense Evasion
- Download New Code at Runtime: 1
- Virtualization/Sandbox Evasion: 1
- System Checks: 1