General

  • Target

    jesus.apk

  • Size

    11.2MB

  • Sample

    241110-pmkzwazlfq

  • MD5

    618a982fef3bae88dc0bc2a26c0d08a7

  • SHA1

    f3099044c3d556c0de37e4811c8744cd87e3ece4

  • SHA256

    3487f0c0a5d23c60a49a7a3d3e495fd4bb55d22bb59e4db020988194ae2593c2

  • SHA512

    09ee730e1e2c158342e4b64b2e3deb395a4ab9584d226f7106b2142330662daa04e8332d582950a4a7b2efee6e14386b83537f8fed0337541bf14823866e6c2a

  • SSDEEP

    196608:wMwfDTelxZN7Hw1wRibvaA+kfhjBstJAtGvGdJFwvfOzCLuRtI2FWSNly:of3kxZ5HVif35jBstJJedHzCLItZFnW

Malware Config

Targets

    • Checks if the Android device is rooted.

    • A potential corporate email address has been identified in the URL: Robotowght@500

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks