General
-
Target
com-fastemulator-gbafree-1400051.apk
-
Size
4.3MB
-
Sample
250120-gpftyavkd1
-
MD5
d0d2be57be1fe3682bab1460376f7633
-
SHA1
b1d1b8812c49cfe75559f0a3efcd43506a4a5c1f
-
SHA256
fdb31f0e679d6a14cf430e5340eec5c3a165cde34baaf4ddab64600ea76463e0
-
SHA512
bb1712ebcd1381139bfd9730b5f276f4d1f9fee7026628ae7bb8f803ba02a49e866e24c663fe6ed67b538e69d7429797352b1fb5fffc81839d69f5540b926016
-
SSDEEP
98304:dDO+PvIZmlXKWZurPucpFqkElQAq60BNy6DPUS/ALNN:dDOXZmFKWe1qkgQAq60P8S/c
Malware Config
Targets
-
-
Target
com-fastemulator-gbafree-1400051.apk
-
Size
4.3MB
-
MD5
d0d2be57be1fe3682bab1460376f7633
-
SHA1
b1d1b8812c49cfe75559f0a3efcd43506a4a5c1f
-
SHA256
fdb31f0e679d6a14cf430e5340eec5c3a165cde34baaf4ddab64600ea76463e0
-
SHA512
bb1712ebcd1381139bfd9730b5f276f4d1f9fee7026628ae7bb8f803ba02a49e866e24c663fe6ed67b538e69d7429797352b1fb5fffc81839d69f5540b926016
-
SSDEEP
98304:dDO+PvIZmlXKWZurPucpFqkElQAq60BNy6DPUS/ALNN:dDOXZmFKWe1qkgQAq60P8S/c
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3