General
-
Target
KamaaiKendra_148628320.apk
-
Size
31.3MB
-
Sample
241007-njkz2asgkm
-
MD5
a1f2686c1f84c59389095e1220b4fdbf
-
SHA1
4c00dd7854c0eea150992e8f25d5f4f78a17d738
-
SHA256
41387d78110630216add720b823a1510b8d5784f4a16fd9a9376723d8c7f2e48
-
SHA512
554d8b22cf6b6ed9910ae4618843d5d8d91475fb1f692355089b81e3da04d23cae33b80b4eeef851c89bc9906060f2681b8918fb7f5acb42a1f0921e901db771
-
SSDEEP
786432:NjdmigMXDuCaIL+Bo/LIZVKXeF9TN6Joy:NR3PKPIOo/kZLF98p
Malware Config
Targets
-
-
Target
KamaaiKendra_148628320.apk
-
Size
31.3MB
-
MD5
a1f2686c1f84c59389095e1220b4fdbf
-
SHA1
4c00dd7854c0eea150992e8f25d5f4f78a17d738
-
SHA256
41387d78110630216add720b823a1510b8d5784f4a16fd9a9376723d8c7f2e48
-
SHA512
554d8b22cf6b6ed9910ae4618843d5d8d91475fb1f692355089b81e3da04d23cae33b80b4eeef851c89bc9906060f2681b8918fb7f5acb42a1f0921e901db771
-
SSDEEP
786432:NjdmigMXDuCaIL+Bo/LIZVKXeF9TN6Joy:NR3PKPIOo/kZLF98p
Score8/10-
Checks if the Android device is rooted.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
2System Checks
2