General
-
Target
94a5076bce7386929eb5a59f2e2c9a8ed6954a81a127b238d06f6bfbe62660f4.bin
-
Size
4.2MB
-
Sample
241018-1zcd2ssfqp
-
MD5
04b3bd3141066913ad86adff56d78bff
-
SHA1
57ab9db092806e770b42d3a32b04538763ba858f
-
SHA256
94a5076bce7386929eb5a59f2e2c9a8ed6954a81a127b238d06f6bfbe62660f4
-
SHA512
f117e98d85b8c706479979140bd85a38863a3c13458019a33b5aed3cc2a09d1891b3165a1eb097a5d3d8cf76e0e47032692867092ec46514523f70d371c98606
-
SSDEEP
98304:JZSn/oTRPREuAZ4gCECoW5ovw8MpdbYdq+UjKgkbrMf:unS5SGEZWqNIk9U2dbrA
Malware Config
Targets
-
-
Target
94a5076bce7386929eb5a59f2e2c9a8ed6954a81a127b238d06f6bfbe62660f4.bin
-
Size
4.2MB
-
MD5
04b3bd3141066913ad86adff56d78bff
-
SHA1
57ab9db092806e770b42d3a32b04538763ba858f
-
SHA256
94a5076bce7386929eb5a59f2e2c9a8ed6954a81a127b238d06f6bfbe62660f4
-
SHA512
f117e98d85b8c706479979140bd85a38863a3c13458019a33b5aed3cc2a09d1891b3165a1eb097a5d3d8cf76e0e47032692867092ec46514523f70d371c98606
-
SSDEEP
98304:JZSn/oTRPREuAZ4gCECoW5ovw8MpdbYdq+UjKgkbrMf:unS5SGEZWqNIk9U2dbrA
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-