General
-
Target
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a
-
Size
10.9MB
-
Sample
241014-ky77bsxdqn
-
MD5
d12c948cd2451ad863baeff25dda3e80
-
SHA1
d649c64ec69c6aff1f53cea52d17e7bc60345e33
-
SHA256
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a
-
SHA512
6b122d12840cf39d5d920ddaa9955f0795ebadea43d85968a48478aa7a4bdcccf542d0cb9af40661ccf5c64259cffbc336036860994c4bae778ce23656474c2b
-
SSDEEP
196608:Pq/DWXKXsxxWXNtRPpzsT05T09y4HteJ6reTag7XHAqk6L+tf2Znr6mXVUvaU0Vs:yKXKXMxW74T05T0jHKaoXetf20mXfU06
Static task
static1
Behavioral task
behavioral1
Sample
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral4
Sample
fuhao.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral5
Sample
fuhao.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral6
Sample
fuhao.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
b59c810d72c17eba8799da50ddab2c1cb8328397525b647f427b312ec789316a
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
-
-
Target
fuhao.apk
-
Size
5.6MB
-
MD5
648bb5a0470e1b6de2c18841c26ff0ad
-
SHA1
615d5e28e2076f352d448120916f4e5bbcf84590
-
SHA256
c93cc53666392d60b6d3b5635e8fa8eaf56601ba10b6086d21535e5447389803
-
SHA512
d3b38f5a1efd19f3796776b8bdcd9a016d71e3fa523e423b259b0c4e33a5fcba3958fcf9b949b3776abe457724f79759f133ac529fd59d23c30c472b4a57f33a
-
SSDEEP
98304:MCx1IOrJd9bKViefjr1yNnc33v0eWBEENEzI+CC2Kobh/SaA:jxWG93+nunc38LBPNEzIvCbi/SaA
-
Score
7/10
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Foreground Persistence: 1
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Foreground Persistence: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2