General

  • Target

    ing.apk

  • Size

    15.8MB

  • Sample

    241110-ph7cbawgkr

  • MD5

    02f6b98935cd81a72ef703bbaefe5c24

  • SHA1

    c4bcdbf7264a1c66699129a2957728f20e0032ad

  • SHA256

    e6f49c577a130e98ec146a493b11b6706816dd05742dd10af300ade7e4340de3

  • SHA512

    7b3e7cc7e8a60382d1995ee84b7d7712a55bfcab31203b424dc1f89ac8b3e52055ca83ebcb4015d96af9f5a2668a8a5c1486b816a53cc3dc5fdf850742497d51

  • SSDEEP

    393216:xkYkO4hsKi+HVT/2CAHobrok1k52BSKP32Qhn:Kuui+HECAINTEKPphn

Malware Config

Targets

    • Target

      ing.apk

    • Size

      15.8MB

    • MD5

      02f6b98935cd81a72ef703bbaefe5c24

    • SHA1

      c4bcdbf7264a1c66699129a2957728f20e0032ad

    • SHA256

      e6f49c577a130e98ec146a493b11b6706816dd05742dd10af300ade7e4340de3

    • SHA512

      7b3e7cc7e8a60382d1995ee84b7d7712a55bfcab31203b424dc1f89ac8b3e52055ca83ebcb4015d96af9f5a2668a8a5c1486b816a53cc3dc5fdf850742497d51

    • SSDEEP

      393216:xkYkO4hsKi+HVT/2CAHobrok1k52BSKP32Qhn:Kuui+HECAINTEKPphn

    • Checks if the Android device is rooted.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

MITRE ATT&CK Mobile v15

Tasks