1f43db7e5c26f753fee5e4528edd80f52b62cd00de8e8d7062d8cc05bd8634d3 | Triage

Sharing

General

Target

Platinum.ibispaintx.app_12.2.4_modded.apk
Size

77.2MB
Sample

241003-mpwhaazgrc
MD5

a05cc33f303a024d093f6e4aa6ee65d9
SHA1

1bf7786aac308fcdb7fbdf46761e4d3019f282c0
SHA256

1f43db7e5c26f753fee5e4528edd80f52b62cd00de8e8d7062d8cc05bd8634d3
SHA512

c1d021e0af9297435d6c2f20b0ddf18265853be5637253a35ddc491d06b57d2827771ab81d886022ea08315cbe60f78c254f484f3a05c429b5ee1f62504c9252
SSDEEP

1572864:PuX7gLuiLsXKahYi05R0VYB2uwfbIsejwQ91A/LLsxuYbXgz:mLJiLs6bFROYB2uwfbIvU0evsxTbq

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  Platinum.ibispaintx.app_12.2.4_modded.apk
- Size
  
  77.2MB
- MD5
  
  a05cc33f303a024d093f6e4aa6ee65d9
- SHA1
  
  1bf7786aac308fcdb7fbdf46761e4d3019f282c0
- SHA256
  
  1f43db7e5c26f753fee5e4528edd80f52b62cd00de8e8d7062d8cc05bd8634d3
- SHA512
  
  c1d021e0af9297435d6c2f20b0ddf18265853be5637253a35ddc491d06b57d2827771ab81d886022ea08315cbe60f78c254f484f3a05c429b5ee1f62504c9252
- SSDEEP
  
  1572864:PuX7gLuiLsXKahYi05R0VYB2uwfbIsejwQ91A/LLsxuYbXgz:mLJiLs6bFROYB2uwfbIvU0evsxTbq
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence