8bbb936a3205a07d2426b1064c832fa6b88cff00ececb5f1a41a488682b43270 | Triage

Sharing

General

Target

minecraft-1-21-60-25-music.apk
Size

500.9MB
Sample

250117-agdlaavrcw
MD5

bb72c03326d0f880bfc634970ffe3727
SHA1

daf06b4be10b1d8fe3c99b60430405fc150346ff
SHA256

8bbb936a3205a07d2426b1064c832fa6b88cff00ececb5f1a41a488682b43270
SHA512

e5ea08b36bb701ed8fd5011654b3ef17069005d4d4a73143e68da972b20d2e8f9bdbcf86550aeb9b0f3cc8df22a47f654ac4e3cbca98d5ec728be7bed8c96d15
SSDEEP

12582912:OfFLk/x3dlJKJQB8aOSv+U7C5ZV8tWgOCvxk7h1nUgWleFVb9MVXB+:KA/x3dl+Qyqv+UuZV8tWhCZkIg+eFV4Y

Score

8^/10

android collection discovery evasion execution persistence

Malware Config

Targets

- Target
  
  minecraft-1-21-60-25-music.apk
- Size
  
  500.9MB
- MD5
  
  bb72c03326d0f880bfc634970ffe3727
- SHA1
  
  daf06b4be10b1d8fe3c99b60430405fc150346ff
- SHA256
  
  8bbb936a3205a07d2426b1064c832fa6b88cff00ececb5f1a41a488682b43270
- SHA512
  
  e5ea08b36bb701ed8fd5011654b3ef17069005d4d4a73143e68da972b20d2e8f9bdbcf86550aeb9b0f3cc8df22a47f654ac4e3cbca98d5ec728be7bed8c96d15
- SSDEEP
  
  12582912:OfFLk/x3dlJKJQB8aOSv+U7C5ZV8tWgOCvxk7h1nUgWleFVb9MVXB+:KA/x3dl+Qyqv+UuZV8tWhCZkIg+eFV4Y
Score

8^/10

collection discovery evasion execution persistence
- Checks if the Android device is rooted.
  evasion
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Acquires the wake lock
- Queries information about active data network
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Stored Application Data

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasionexecutionpersistence