General

  • Target

    app-release.apk

  • Size

    10.7MB

  • Sample

    241014-xa4kfszfjf

  • MD5

    efc557ce9531e9aa5213984965565a2e

  • SHA1

    8dd1787ae81bd954ebd15b245bda8369684c8f4b

  • SHA256

    a54bf9c7ea17bedf3ed32fd1f3f8794d76e5f281334820b8e34381e6fdfff1a0

  • SHA512

    716673f745b74616cf531295df2de9d33f4d9e8b1bb6fe1d8530eadb685c604f172088175c2d06da657e04f9b98b6396b7c16c31f4995f90ac6d5dcb6741150a

  • SSDEEP

    196608:id/zxZh1lQRSvHmsPmpFtIsV8EBlRMC3PBdZ/oQ0Akx7qUeGsiQ:idbh4dv+Ve8mPBdRoQ0MUeGi

Malware Config

Targets

    • Target

      app-release.apk

    • Size

      10.7MB

    • MD5

      efc557ce9531e9aa5213984965565a2e

    • SHA1

      8dd1787ae81bd954ebd15b245bda8369684c8f4b

    • SHA256

      a54bf9c7ea17bedf3ed32fd1f3f8794d76e5f281334820b8e34381e6fdfff1a0

    • SHA512

      716673f745b74616cf531295df2de9d33f4d9e8b1bb6fe1d8530eadb685c604f172088175c2d06da657e04f9b98b6396b7c16c31f4995f90ac6d5dcb6741150a

    • SSDEEP

      196608:id/zxZh1lQRSvHmsPmpFtIsV8EBlRMC3PBdZ/oQ0Akx7qUeGsiQ:idbh4dv+Ve8mPBdRoQ0MUeGi

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Checks the presence of a debugger

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks