Resubmissions

07-11-2024 03:08

241107-dmyeestjdx 10

04-11-2024 05:28

241104-f6gbcstphz 10

General

  • Target

    Cinema-HD-Ad-Free-2.3.6.1.apk

  • Size

    27.9MB

  • Sample

    241104-f6gbcstphz

  • MD5

    d4c4f0ec5d14f2fc217de8c42cc45919

  • SHA1

    dcd11fff538d59d4ce6d794f172857ffbba9241a

  • SHA256

    927737acfc0676ac0790078727d3a042e1d0854d47da1c625193b0f59a725895

  • SHA512

    0ba28d95ec108dfe6a09bffe25e8a20a8aaa8b506b6b4a9967b4115f50d1ce04fb884fcc0123a35d251ec71d673baa599964dae637d231e992e9e4039adb8628

  • SSDEEP

    393216:R+J70UY5kAD8jYUg9Bi7CocKp8uekZbxZC/GrT9wXVdqXeirE6mwOAQ/d+Q5Wz/3:R+J702bJbDrxC/GFwXVIOkOAQ/pC/3

Malware Config

Targets

    • Target

      Cinema-HD-Ad-Free-2.3.6.1.apk

    • Size

      27.9MB

    • MD5

      d4c4f0ec5d14f2fc217de8c42cc45919

    • SHA1

      dcd11fff538d59d4ce6d794f172857ffbba9241a

    • SHA256

      927737acfc0676ac0790078727d3a042e1d0854d47da1c625193b0f59a725895

    • SHA512

      0ba28d95ec108dfe6a09bffe25e8a20a8aaa8b506b6b4a9967b4115f50d1ce04fb884fcc0123a35d251ec71d673baa599964dae637d231e992e9e4039adb8628

    • SSDEEP

      393216:R+J70UY5kAD8jYUg9Bi7CocKp8uekZbxZC/GrT9wXVdqXeirE6mwOAQ/d+Q5Wz/3:R+J702bJbDrxC/GFwXVIOkOAQ/pC/3

    • Renames multiple (362) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Queries information about active data network

    • Reads information about phone network operator.

    • Checks the presence of a debugger

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks