General
Target: AmnesiaBETA.apk
Size: 42.7MB
Sample: 241110-ztv4jayjhk
MD5: fc1e6fb410ff9c97de08dee30e22221a
SHA1: aba1888fc0966b994c2ffb50ec5e1f4b57230d96
SHA256: 9f0460662f390a0c5ca40b0ae41a5205a72553c9df68e4afef53d9becf6fae12
SHA512: 9b4d67b2b3911f260549f7c35706a35adec6e6ac0a4c5013254b46d51620b79c946c6e2044c94829273e903766e2f32fdca9a76d77753c874cd4439b560c7d85
SSDEEP: 786432:iMWJ5+rTcbIgVncHytCm7gN/umdotjAKOLHek/pHEer6hDC+Yfffye1M:jOQEbRGHyZ7ttjAKO7euEOfff9i

Static task: static1

Behavioral task: behavioral1
Sample: AmnesiaBETA.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: AmnesiaBETA.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: AmnesiaBETA.apk
Resource: android-x64-arm64-20240624-en

Behavioral task: behavioral4
Sample: Build.apk
Resource: android-x86-arm-20240910-en

Behavioral task: behavioral5
Sample: Build.apk
Resource: android-x64-20240624-en

Malware Config
Targets

Target: AmnesiaBETA.apk
Score: 6/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Target: Build.apk
Size: 10.1MB
MD5: 7476eabbf756bc6eff06f8dac6f26bdf
SHA1: 3d7b362bf9a9afdb5824900a50d25791efba97ec
SHA256: 2008b7e4c6d04d11e51dfd75d466365d1aaf66ca4c50e60c53ed9b0a514ef286
SHA512: ebfbc329f1a9e5d68e2a5e54e1105eb66f348fa1c1e2669f02e76fa8002c76ceb1bf8601a1f0d3a4cb912b66cc99293a7205b090800c92d793220f7e9982bc2d
SSDEEP: 196608:fOzo8DogfSlt0XjFfeSZWytSGa+bW8KZs5tvKNKu6W8uqOvbu/uXWdwXks1woZDW:fYXkgfGt2QSZrfKyjKNK4llTcuXiMZDW

Reads the content of the call log.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Tries to add a device administrator.