Overview

overview

8

Static

static

6

Viber_Mess...om.apk

android-13-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Viber_Messenger_v23.6.2.0_MOD_modded-1.com.apk

  • Size

    123.1MB

  • Sample

    240930-tmgdxayaqf

  • MD5

    d5dc57054b0c21aac205193419be3920

  • SHA1

    fc7bf2f91570404c0827c4526b49f26c452b8673

  • SHA256

    c18c09a9f3c23ef66be1691f45bcf92f2243670622e909614c5c8fb8de2377fc

  • SHA512

    450124f8b41f51c0a637121e708bad895f0d3a0d8c7aff581354095cf291045dc090bc8b468b09fa8fd93e9fb38be572a8ab6facffbff49dec9e34217c5151a8

  • SSDEEP

    786432:+3ffXCdEjOgD+96WT3a9NNRqppTG+DxUownipTiAQQQQQQQQQQQQQQQQQQQQQQQp:+3CroTfopT7petj2T7Lyqmpxj2/oz

Score
8/10
androidcollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      Viber_Messenger_v23.6.2.0_MOD_modded-1.com.apk

    • Size

      123.1MB

    • MD5

      d5dc57054b0c21aac205193419be3920

    • SHA1

      fc7bf2f91570404c0827c4526b49f26c452b8673

    • SHA256

      c18c09a9f3c23ef66be1691f45bcf92f2243670622e909614c5c8fb8de2377fc

    • SHA512

      450124f8b41f51c0a637121e708bad895f0d3a0d8c7aff581354095cf291045dc090bc8b468b09fa8fd93e9fb38be572a8ab6facffbff49dec9e34217c5151a8

    • SSDEEP

      786432:+3ffXCdEjOgD+96WT3a9NNRqppTG+DxUownipTiAQQQQQQQQQQQQQQQQQQQQQQQp:+3CroTfopT7petj2T7Lyqmpxj2/oz

    Score
    8/10
    collectioncredential_accessdiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks Android system properties for emulator presence.

      evasion

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

      collection

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Reads the contacts stored on the device.

      collection

    • Reads the content of photos stored on the user's device.

      collection

    • Reads the content of the call log.

      collection

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks