General
-
Target
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.bin
-
Size
3.6MB
-
Sample
241104-1zgc1aybkh
-
MD5
0257d1c1936ad80ec52accac27d4b737
-
SHA1
79c6bdc7b910c59d4bab00c42c79fce03f4f948a
-
SHA256
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c
-
SHA512
2ec076000a59112d15c3f9cd7c965437f90b9f886ad1fdba9d3849783d72509fc7369c4452592c3e91f4d096567cb1ce66d6c0c985d11f6a0b6ada0213015196
-
SSDEEP
98304:KO8Qj844FynsR8prR83RMGujqXsQTyZ9JhRz/cb:H44qynZprR8mGqskBK
Static task
static1
Behavioral task
behavioral1
Sample
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.bin
-
Size
3.6MB
-
MD5
0257d1c1936ad80ec52accac27d4b737
-
SHA1
79c6bdc7b910c59d4bab00c42c79fce03f4f948a
-
SHA256
f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c
-
SHA512
2ec076000a59112d15c3f9cd7c965437f90b9f886ad1fdba9d3849783d72509fc7369c4452592c3e91f4d096567cb1ce66d6c0c985d11f6a0b6ada0213015196
-
SSDEEP
98304:KO8Qj844FynsR8prR83RMGujqXsQTyZ9JhRz/cb:H44qynZprR8mGqskBK
Score7/10-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the SMS messages.
-
Reads the content of the call log.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-