General

  • Target

    Мобільний кур’єр.apk

  • Size

    40.2MB

  • Sample

    241014-kejpmaxblm

  • MD5

    2a294d8d3f1fc0330ac293a7557cd2b3

  • SHA1

    4df861a824e160ceb46e69c2587ad4a6ab34de89

  • SHA256

    a12c5c0e20f1eb7960a2ee411301984b6e70987fb01dad2e7b70518d05a4cf25

  • SHA512

    4b220f8d7c8dbd5b8dc7c6ee8b1035bf4882cd5225bd4a13e188323e309ded192baa9be81b1864d9e5ff0aa10f762d8dc5f7f18bcd2e84df83341d35e15d429a

  • SSDEEP

    786432:kV3oVMk5GtoUTO/1hEAm8jddXpzs6/z5eoIp:kV34MkEoUwWom

Targets

    • Target

      Мобільний кур’єр.apk

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Acquires the wake lock

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Checks the presence of a debugger
