General
-
Target
root-checker-6-5-3.apk
-
Size
9.9MB
-
Sample
241107-174hhazbpb
-
MD5
f8fe23cdab84a446affadc835288d3f9
-
SHA1
b9ea89fd001085aa164a370200f29b013731d53f
-
SHA256
5c41574e0e3ddeb38e1f2f28cc67f6d46f44848a0f4059f5a3bb72742b76dcd5
-
SHA512
924b6cb43a141661bd967257342a3839ea57e6e582f427c3c007dcddf38f33710ad2e0d4642250ccaf92f0da7d8f7e2231fdb6f35f7718d547240ab6d1f1433f
-
SSDEEP
196608:ZNsqS8DgkOQDt6zk3zBBerT/iBsIvn2dcS4y26fnFUs+/YrM51RdBpBrK/VnKuJI:VS8DIY8wBBE8Pvn2Ky26fF6/4M/RDpBp
Static task
static1
Behavioral task
behavioral1
Sample
root-checker-6-5-3.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
root-checker-6-5-3.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
root-checker-6-5-3.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
root-checker-6-5-3.apk
-
Size
9.9MB
-
MD5
f8fe23cdab84a446affadc835288d3f9
-
SHA1
b9ea89fd001085aa164a370200f29b013731d53f
-
SHA256
5c41574e0e3ddeb38e1f2f28cc67f6d46f44848a0f4059f5a3bb72742b76dcd5
-
SHA512
924b6cb43a141661bd967257342a3839ea57e6e582f427c3c007dcddf38f33710ad2e0d4642250ccaf92f0da7d8f7e2231fdb6f35f7718d547240ab6d1f1433f
-
SSDEEP
196608:ZNsqS8DgkOQDt6zk3zBBerT/iBsIvn2dcS4y26fnFUs+/YrM51RdBpBrK/VnKuJI:VS8DIY8wBBE8Pvn2Ky26fF6/4M/RDpBp
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
2System Checks
2