General

  • Target

    viber-lst.apk

  • Size

    109.1MB

  • Sample

    241117-r5gfhs1nh1

  • MD5

    7a28eccb8d7dbdbe462cb467db17dd3e

  • SHA1

    1917d3d014f546432f5fb277912376ea0fb2784b

  • SHA256

    00144c9f37b75d918c9782da04a83a6ac0613b45e7c535fec33641514fce0dbd

  • SHA512

    b7ac677702ece3bfbfcaf9df4e5e213824dab68865dd9f45239aab04884cf973eb0f5e256d8a101bdd9182efc8cb24935ec4f31ba0f7a91907bdb500fcbdbb68

  • SSDEEP

    1572864:1Y9G4eNjo1XxxvSX1uILmXCTxha2nAmGTlmnPcplsg9Lh/graV0oZejDHZdg:29GlovSFRxnLGIPa9V/4I0oZCDHZe

Targets

    • Target

      viber-lst.apk

    • Size

      109.1MB

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Checks the presence of a debugger
