a291334953ea02b92f947d76679cf15d07b88ae312bae8f2ed2719ab359b9369 | Triage

Sharing

General

Target

adguard.apk
Size

52.0MB
Sample

241120-ebn72s1crk
MD5

e0d4e9419909802d3d7f6b0b70ea0b0d
SHA1

c11fb59371694fc4bf40af498e3546e391e572ab
SHA256

a291334953ea02b92f947d76679cf15d07b88ae312bae8f2ed2719ab359b9369
SHA512

3645377739f584c1ca3dc0b3161bcf2d4144bce1d4acb201f9c5fa5d60ff5b8e9f42e51fdd791b75e9cd49fe95b0788f1dbf1d9f454e1dab8bf9a684542cc39e
SSDEEP

1572864:4hvt7LZzpms5WwkzfT6i50EfUk/bZ+92p/JZ:4hvtpcs5r4MgIo/JZ

Score

7^/10

android banker discovery evasion execution persistence

Malware Config

Targets

- Target
  
  adguard.apk
- Size
  
  52.0MB
- MD5
  
  e0d4e9419909802d3d7f6b0b70ea0b0d
- SHA1
  
  c11fb59371694fc4bf40af498e3546e391e572ab
- SHA256
  
  a291334953ea02b92f947d76679cf15d07b88ae312bae8f2ed2719ab359b9369
- SHA512
  
  3645377739f584c1ca3dc0b3161bcf2d4144bce1d4acb201f9c5fa5d60ff5b8e9f42e51fdd791b75e9cd49fe95b0788f1dbf1d9f454e1dab8bf9a684542cc39e
- SSDEEP
  
  1572864:4hvt7LZzpms5WwkzfT6i50EfUk/bZ+92p/JZ:4hvtpcs5r4MgIo/JZ
Score

7^/10

banker discovery execution persistence evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryexecutionpersistence

behavioral2

bankerdiscoveryevasionexecutionpersistence