General

  • Target

    rectv16.4.apk

  • Size

    54.6MB

  • Sample

    241110-ncnscawcng

  • MD5

    d5fd170a8d9eee15d0b67097527215fe

  • SHA1

    80b860ed2fd14780d0f0ed06510d3b8eed48d61a

  • SHA256

    f245537c2cdbbf0221df21d4e5ad42d5673335038a0552100a14b6a0feb22637

  • SHA512

    899bd25845767087c0e66f1c9d3bf44263892c7a031b1a7c882c0f8f46a66ff7f8c7622c7d27b63dce5989d2be559132b8bbc51f7d0aacbd306b88134bd16950

  • SSDEEP

    786432:3m4fhy+Xh9Pn4KxJQL71ySqRtWzaNxPlfAUzRmTuKWTIwMCLxAhLocjfk/6+ugLJ:fPn4gJTSJqlfA4YFChKd3j8/7LdYqvmk

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Checks the presence of a debugger
