General

  • Target

    apkpure_3202057_1109.apk

  • Size

    16.7MB

  • Sample

    241109-pvpyssvbln

  • MD5

    9425bfde049dee5de5d8be7ea3f1f22d

  • SHA1

    f67554111c008577dfd1e72b37c375a852755f91

  • SHA256

    26a96a9f5e5f3b787b89e99cd2c5987ca7d5c6acdf7bc358d41c1c51d3ddfa97

  • SHA512

    030823926c050647156a57641acc486438439f02d32538d71a90ffba156b1df51f2bf2515a80591a891f82037fffc31fb265735fcdb14db0e210f69add86948c

  • SSDEEP

    393216:xskWqsepDuMS5eHNfa0FfNhAykxJT9oBxY:xskWqsCqrY117RZ/Y

Malware Config

Targets

    • Target

      apkpure_3202057_1109.apk

    • Size

      16.7MB

    • MD5

      9425bfde049dee5de5d8be7ea3f1f22d

    • SHA1

      f67554111c008577dfd1e72b37c375a852755f91

    • SHA256

      26a96a9f5e5f3b787b89e99cd2c5987ca7d5c6acdf7bc358d41c1c51d3ddfa97

    • SHA512

      030823926c050647156a57641acc486438439f02d32538d71a90ffba156b1df51f2bf2515a80591a891f82037fffc31fb265735fcdb14db0e210f69add86948c

    • SSDEEP

      393216:xskWqsepDuMS5eHNfa0FfNhAykxJT9oBxY:xskWqsCqrY117RZ/Y

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks