General

  • Target

    orion.apk

  • Size

    76.6MB

  • Sample

    241112-v5n25s1jdq

  • MD5

    7c57072e0922e1ceb4a439178fb76493

  • SHA1

    4ceddade6167df9776dadffd43cd2257074a22a7

  • SHA256

    5302bf1d9679c812289b82156a4e1df9ffe0a919777c4323836ed409c88adee6

  • SHA512

    b03446bf04dc3865c9f1ca4ff302bd5ff88d8e5fc1fe1ec593a5e534037e09b6cb779874db97623b5b6030856af18a7b62cdaa7a7682c9cc4f3a8ab391411ae5

  • SSDEEP

    1572864:R687Jw7fDswNei3jk5tJtCjS794jZ/8AF9jt4dzPOGCCNtI2uf:4eyjNrw9t/94d/8e9j2t/V+

Targets

    • Target

      orion.apk

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Legitimate hosting services abused for malware hosting/C2

    • Listens for changes in the sensor environment (might be used to detect emulation)
