General

  • Target

    PurpleTV_2.4_r2(1).apk

  • Size

    187.8MB

  • Sample

    241016-cqb5xsxflh

  • MD5

    e8619ddc87ce54b19b257f2a7fc3f487

  • SHA1

    9bc6d6ed02c6652571d3b15fa3df850572164b79

  • SHA256

    669c3512125de2b704d0b1063fc779e9cc7fe73eed8e5a618444f161e43f4361

  • SHA512

    954a6eed717af8bf360958af8e683d8f896123eade82c7b86c7f0dce778b54f18ae82755143248f0942c34e6405734b5fd1db89ce56a0318d69f2b7bbc84697f

  • SSDEEP

    3145728:nyr3Me23TzQkzbztlA8ipGaqShVL6vRsxCz/AP+/xDJ+:nyruH3/zDA8ipcW+Jskh/xDJ+

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Queries information about active data network
