General
-
Target
xiaoji_1.8.15.apk
-
Size
153.0MB
-
Sample
241015-wwkh2ayhla
-
MD5
e2fa3c03fa93ad23b919045b52c849f3
-
SHA1
5b1c97bc5d3e5d3b766b34a14dfc02067e455281
-
SHA256
05c0d01cc79838578f1ebdf32702c6615f26695261040203b7bea21879e8727b
-
SHA512
61a3435e7be6449e8b5ef59968adbe1b2aa0fd1c645cc19a238ffe05658b2de1a9a0590c4fae18dc9e68d94d96cea21a22e94c6be36791eef5fe8b24d22e96c7
-
SSDEEP
3145728:tbOCTIOT/y5+vbA8FsVonPxy1b1WH2XBsZGpzzxllEb0VvzDb:/J65CbA8bJyPLX8G1SAVv7
Behavioral task
behavioral1
Sample
xiaoji_1.8.15.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
xiaoji_1.8.15.apk
Resource
android-x64-20240624-en
Malware Config
Targets
-
-
Target
xiaoji_1.8.15.apk
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Checks the presence of a debugger
-
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution 1
Broadcast Receivers 1
Scheduled Task/Job 1
Defense Evasion
Download New Code at Runtime 1
Virtualization/Sandbox Evasion 2
System Checks 2