General

  • Target

    394534c9ad058e4e99ab6d8c48dbaf12b18c823a374c58f799e01322fc414faa.apk.zip

  • Size

    64.7MB

  • Sample

    250114-ljyvsavjat

  • MD5

    dc95f61e756b89606f72e412445195b1

  • SHA1

    528742bf97454af22fa040a61546e7c64a8ab322

  • SHA256

    bad1cfd200f08fa76278dd11e6e7b28004402f58312f1771fbc124c257819285

  • SHA512

    1f0df254e2d0bb73dc32c2a6d121de6db77dc22819af50507ed19be4500818e703d2463eb65bc2c706827304cfe02db08ae225449e98849220a276ea30fe99ae

  • SSDEEP

    1572864:H2HYJ1BxqxbpKScUn/bJZWzlzJExjwr4X+6wT1nYIkDQ:H6+axb0J4LWzlzWSIwRVk8

Targets

    • Target

      394534c9ad058e4e99ab6d8c48dbaf12b18c823a374c58f799e01322fc414faa.apk

    • Size

      65.1MB

    • MD5

      3a5c78dddb02bb3e9963e608aeec461c

    • SHA1

      22d821aacefffad8934e3f07fb9fb43805493c2f

    • SHA256

      5fb1886775252b05f43b7245efe35ab155503a525ed4c59e06b3d757692e4a82

    • SHA512

      964d6040082ed962656bfd5218c64c65d6916aa114304d2006225100e0e6052005518acad18fbca747a7c6d36b4faba21d244a58cf4086fd24f7cbbfd4b75cc9

    • SSDEEP

      1572864:bm1DBaMz9HrI6dVbmzlhnlqIWaOaVA3fIPXtJY:WBaiI6dVbmz3Q8DXXY

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of photos stored on the user's device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about the active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about the phone network operator.
