General
-
Target
Awis.apk
-
Size
50.6MB
-
Sample
241014-kgpnnaxbnr
-
MD5
551a66eaeca041150d3ad7b97818e1d8
-
SHA1
6a0647685a5ec46577f6a0047a69f1babaec34e4
-
SHA256
efc9046eb845437f48ad0f99b67d2c39c12b5cfb227d50538f74e096bd702d2a
-
SHA512
35d43120524afd1a29c0cda090a7d161c302fc237662d1799b42edba5469347e767276a2c2e1c342a65053d93d3fcf30582f5502c45506d976f6411b0a607196
-
SSDEEP
786432:CAUseE0pJ79dIPtcRQOBjHZyIiAIb30aX:CPE0wcRdHZyIiAIb30aX
Static task
static1
-
Behavioral task
behavioral1
Sample
Awis.apk
Resource
android-x64-20240624-uk
-
Behavioral task
behavioral2
Sample
Awis.apk
Resource
android-x64-arm64-20240624-uk
-
Behavioral task
behavioral3
Sample
Awis.apk
Resource
android-33-x64-arm64-20240910-uk
-
Malware Config
Targets
-
Target
Awis.apk
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-
MITRE ATT&CK Mobile v15
-
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Scheduled Task/Job: 1
-
Defense Evasion
Download New Code at Runtime: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2