Overview

overview

10

Static

static

10

698ce6345e...b1.apk

android-9-x86

8

698ce6345e...b1.apk

android-10-x64

8

698ce6345e...b1.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    698ce6345e26bbba3e3bb6a9e78bc26f80ad85479b20c737ad6709bc36656bb1.apk

  • Size

    7.5MB

  • Sample

    241029-cxcd9stbkq

  • MD5

    57047c3d8de77976adb24bf6cfca5dc0

  • SHA1

    ff23265eff57bc59aede866829a66e29f5908dc2

  • SHA256

    698ce6345e26bbba3e3bb6a9e78bc26f80ad85479b20c737ad6709bc36656bb1

  • SHA512

    d684c5c45d83d477da4c2756d45cfec4d5d3d9eb37e1451e41c61d0a9d1ad3fce723366a9d3117abbeca59e7527a472428e6586a075f1d165d2600d179a9c720

  • SSDEEP

    196608:C2/DoY0tS8r0WTUP9X14OGz7xMTDxI8uTp6yA:C2Ll0o8IWTan4jxsDxTuTp6F

Score
10/10
antidotandroiddiscoveryevasionexecutionpersistence

Malware Config

Targets

    • Target

      698ce6345e26bbba3e3bb6a9e78bc26f80ad85479b20c737ad6709bc36656bb1.apk

    • Size

      7.5MB

    • MD5

      57047c3d8de77976adb24bf6cfca5dc0

    • SHA1

      ff23265eff57bc59aede866829a66e29f5908dc2

    • SHA256

      698ce6345e26bbba3e3bb6a9e78bc26f80ad85479b20c737ad6709bc36656bb1

    • SHA512

      d684c5c45d83d477da4c2756d45cfec4d5d3d9eb37e1451e41c61d0a9d1ad3fce723366a9d3117abbeca59e7527a472428e6586a075f1d165d2600d179a9c720

    • SSDEEP

      196608:C2/DoY0tS8r0WTUP9X14OGz7xMTDxI8uTp6yA:C2Ll0o8IWTan4jxsDxTuTp6F

    Score
    8/10
    discoveryevasionexecutionpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      evasion

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Acquires the wake lock

    • Checks the application is allowed to request package installs through the package installer

      Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).

      evasion

    • Queries information about active data network

      discovery

    • Checks the presence of a debugger

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks