Resubmissions

31-01-2025 14:25

250131-rred1aznem 10

31-01-2025 14:24

250131-rqsv1azndk 10

31-01-2025 14:23

250131-rqdfbaxqht 10

31-01-2025 14:22

250131-rprljsznbk 10

Analysis

  • max time kernel
    13s
  • max time network
    21s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system
  • submitted
    31-01-2025 14:24

General

  • Target

    com.medoc.cashalot.ingenico_19.675.SIGNED 2.apk

  • Size

    37.7MB

  • MD5

    96d5b192bad79478833ef7f5bd6c52e6

  • SHA1

    074b683cd584e64d9c24d05989838aa4dbc0d93b

  • SHA256

    a25b1787179d2b114aece87cf5f0e87103fe14286ad3ac48c37f90b720cc8166

  • SHA512

    b598411a5e21ea50cc874ec89b536a8cfcac08d0ba9f11538edccdde2a5030b3957c0b1c398aea073bbe648fa5f927cd22667763659f4a2ee7bba9c8fd77de6d

  • SSDEEP

    393216:EGPdKz3dP1lKb0by7UpMIo0r0Rb/u8t19wuCzS1znXbabgQWnHNytebOtJCLtR93:Ejlxp3YRbljMSNXbaiHNqK7OUGO

Score
8/10

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 8 IoCs
  • Checks known Qemu files. 1 TTPs 3 IoCs

    Checks for known Qemu files that exist on Android virtual device images.

  • Checks known Qemu pipes. 1 TTPs 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Checks the presence of a debugger
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.medoc.cashalot.ingenico
    • Checks if the Android device is rooted.
    • Checks known Qemu files.
    • Checks known Qemu pipes.
    • Checks CPU information
    PID:4497

Network

MITRE ATT&CK Mobile v15
