General

  • Target

    Anka1.1.7.apk

  • Size

    4.1MB

  • Sample

    241110-nwb8nawcrq

  • MD5

    d7c7e356916f02c02152ab543de3bf6c

  • SHA1

    765c6612444222863b1ca003671dcfdb7a1cfa4c

  • SHA256

    6b79c6f5e81b991ccc7ed2ca8c5077bc5f1f95ad8ad79f941bb2a06f79e568f2

  • SHA512

    dcee0700952ef5704c2417348d2a4d22449510d23ba7d5b19f6d7cb45c1e529865366abf916ec4b6a206857e2c168ad39758c1fd38ef491b62941060568ef5d0

  • SSDEEP

    98304:nmRQNYLYBCWwipoptvhWoSidHMi4frxmqXodeB:4KUYBnwSSvhEidHMMqYQB

Malware Config

Targets

    • Target

      Anka1.1.7.apk

    • Size

      4.1MB

    • MD5

      d7c7e356916f02c02152ab543de3bf6c

    • SHA1

      765c6612444222863b1ca003671dcfdb7a1cfa4c

    • SHA256

      6b79c6f5e81b991ccc7ed2ca8c5077bc5f1f95ad8ad79f941bb2a06f79e568f2

    • SHA512

      dcee0700952ef5704c2417348d2a4d22449510d23ba7d5b19f6d7cb45c1e529865366abf916ec4b6a206857e2c168ad39758c1fd38ef491b62941060568ef5d0

    • SSDEEP

      98304:nmRQNYLYBCWwipoptvhWoSidHMi4frxmqXodeB:4KUYBnwSSvhEidHMMqYQB

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Legitimate hosting services abused for malware hosting/C2

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks