General
-
Target
Pornhub-v6.17.0-PREMIUM.apk
-
Size
7.7MB
-
Sample
241208-nq3hnaslhx
-
MD5
7b22609ef84479360165e3080b800df8
-
SHA1
5375395036cf32494b5773ef2c63210c98e40bc7
-
SHA256
df4f4e2ee115d679002f9fdd40303a912406d63ca9ff822c613169cb4ccbb75c
-
SHA512
96e25bcc6987f6027b769905250f30c57ac13b96aa74605aa98eda082e5985fcc3cf247181de133ff165bd1757d02b3667ce9d6aba8d4b472ef407341e421fa2
-
SSDEEP
196608:K1+fwx4KTVonxvWmVTLvJAjMqked6vYIou1OecCvFgP6Y66uzm3s+p6f:5whGjs4ed64dC7Wu
Behavioral task
behavioral1
Sample
Pornhub-v6.17.0-PREMIUM.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
qfysz.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
qfysz.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
qfysz.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
Pornhub-v6.17.0-PREMIUM.apk
-
Size
7.7MB
-
Antidot family
-
Antidot payload
-
Checks if the Android device is rooted.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
Checks the presence of a debugger
-
-
-
Target
qfysz
-
Size
4.5MB
-
MD5
dfc66a31d71ac949c29565893c571fd7
-
SHA1
2df8959930c8291fa6afdd27a2f8819c0b31b46a
-
SHA256
0b67e9e472078eae6b145baf57458a4e2ae5169070fd23c5913e8f6465258045
-
SHA512
8a25d7eddeaebb371062dd206c1d9aeb4d906049d3f88db83e556c72806a85a83e728ee1fd4152d91a0e456bc124ce2720c8d39302c68c7652a269ecea66b613
-
SSDEEP
98304:UKBwVJJELexKob1eOvl2m2m/dHdBNUoTArFT4:UKQJJxko8OvB26u4
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-