General
-
Target
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29.apk
-
Size
4.8MB
-
Sample
241214-dqtweatjhv
-
MD5
d677c29a469041913c10e52193fd0d5e
-
SHA1
e8cf1650a6bbd93a93030d641ababe2677ab5bad
-
SHA256
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29
-
SHA512
bd4e3e006c5e14ac05cd3312202440d708d4f1c4550853dc370a7605fbc5d6a5ae07a5fcc56a66b77e398297130a1100eb592b8a092494def5a66ac4c3da8403
-
SSDEEP
98304:u3mUMdkaoLKauoXy/1CHceA8PehYttGrcKvvJO+g:u3mUEpauoXaw7A8PCYt6c4v/g
Behavioral task
behavioral1
Sample
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral4
Sample
base.apk
Resource
android-x86-arm-20240910-en
Malware Config
Targets
-
-
Target
3d52b5728af55c37d5bd74c3f9b7e9ea6b007a9ec202a648ce3dc7e37ff49b29.apk
Score
1/10
-
-
Target
base.apk
-
Size
3.6MB
-
MD5
aca88829c5a7c2f7ab8ae928f3df9fda
-
SHA1
2ef0057ce7fa7d3c27d894b5ee0532a4b9f62f10
-
SHA256
9d00052eb9a97a53a49c8e1a26138de835e2d354adef44a51ce8fb599d769fc1
-
SHA512
44982081663f363769d16f667a229a36d2069678cb3177ce4e45e299f424566f9eeb71779afed2e93f67ae3cbcf04cd8b3c8b736f4981f5a937ce08392770fbc
-
SSDEEP
49152:+bgW8wiy8Vp7mZtgAWDGo2ZO5eAgBNx6yyhfYPdIxAH0fRnJfzvvR93Ueg6b/4o:+W1y8Vpug3t0AUyhQ2fbLP3hg6R
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Foreground Persistence: 1
Input Injection: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2
Discovery
Process Discovery: 1
System Information Discovery: 1
System Network Configuration Discovery: 1