Resubmissions
14-01-2025 05:44
250114-gfjt8szrbn 1014-01-2025 05:43
250114-ge4g9aykgt 1014-01-2025 05:39
250114-gctj9szqep 1014-01-2025 05:35
250114-f993vazqak 1014-01-2025 05:34
250114-f9l11szpgq 1014-01-2025 05:31
250114-f76yeayjcw 1014-01-2025 05:30
250114-f68evayjas 1014-01-2025 05:29
250114-f6m4xazpcq 1014-01-2025 05:27
250114-f5p7wazpbm 10Analysis
-
max time kernel
33s -
max time network
43s -
platform
android_x64 -
resource
android-33-x64-arm64-20240624-en -
resource tags
-
submitted
14-01-2025 05:17
General
-
Target
FE_Invisible_Troll_Script.apk
-
Size
3.2MB
-
MD5
3ff43582aa468b8a8d0e063dcfea73bf
-
SHA1
5d1d34fcec8f715ce045a5bda04741d40f29001b
-
SHA256
a6f56581bb7ae7b242fcaab3d97d04ec2c5ac8aa5870e4e64ffbcf0d78899993
-
SHA512
6af7639bc336015161f3087519e1a365ece0d1e0f5f7f20fe1af3243d1e6c3a0f65e38b50dc70f15cd13a232989b22884ca36bf0151630223d37bdba4f250149
-
SSDEEP
49152:hrOpp2RqaP3KdsFeHcEKYC4KiJK5ncPjPuE/UpXSkdkIDk5sSEj6QiVterxzrK:hYgv6dsFt0FQnGD/UsrLEjS81PK
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.herocraft.game.freemium.catchthecandy1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
469B
MD59c0f1b2212642276c5fd1a21d8215c5a
SHA14dae819759488ffdf44b9779e45093b7817e7742
SHA2567f941a3007a2578a5a65c41a0021dd8c742f96ac8cfb3976ef48f4e15982bb9e
SHA512cbc29b2b6e9315655ab3532095ec3b652bee5469e25859a214fa007a27e1c9cbb4ceff11059622848ff1d010fac247f849f2d37089133c016470ad17714a535a
-
Filesize
2.3MB
MD5d951efa7f0ca59781f3af35949338902
SHA1ac853df2b6835dbac7c94eb008ab4657e68eda70
SHA2565b0a0d3671f6ff3ea0001624a0c157d057965e60891c5335391880fe9b00e183
SHA5128fbbc1c347ec03478b01ff321d159656abfcad1d9ac3b426382348567c57bbaf1cdb3cac77c38fbcf62e0e17063f170fc9f9bf200a982b940dcad47e30b05617
-
Filesize
229B
MD5ef279c2a2a6771499940cc44fa5c4f23
SHA172a659b0794894606d46d85c1bc3be549ae5badf
SHA2569183855e52bc9fa1ef29b246baae3e5dcde1c409d3bbc875fa0bd355bbe80566
SHA512173cc0307ee3d15c16e9e579f812af167f1c5a90a535e6e0e28e107a1145b48d3231c5179500338e3ac6e3ec290a36643c8abda496957dbb5f4f9b8123b48122
-
Filesize
229B
MD5e9092c43f05819313120d9aa4a8c5962
SHA1b7957ec80ed925f630be5a579980f5ce29b42865
SHA2566d92cf6dc25b9aab9554164415c75d63509e950cf3c774cb4bdefcec7da28c86
SHA512d1d3c35c357e6acb44ef6af0b5068b73f7ba2b7d64c7ff64fe13b3a585dfde756df3dfb17c3bc3e039a3b6ca93dea29e88d1e1c4032d341438f117652f77fdeb
-
Filesize
6.4MB
MD5767a8ce605249b314939882f824f989a
SHA17cb1e61d4fa739b92b25d13bcf33bbb00cff9baa
SHA25626d8b34344e6e61c8a1380e9773109569accb467b36f954a1e5c729a4d701fa5
SHA512baec83cf6d66fc0dbf13411043c8168acf38b0b66a9c20f9b1ec54d6f5ef21527d22b4c47dd54734dcd5bd85410dc3bb8fe786fb1702443beee9a42e869c4475