tgtoxic | e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02 | Triage

Sharing

General

Target

67a7491b154ac_Agoda.apk
Size

4.9MB
Sample

250210-wd3a5azqbn
MD5

c1c87ded7d894017c31165387894d0d5
SHA1

916a6be7269dd465ad4e017dd9eb10d8170cbba3
SHA256

e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02
SHA512

7be66c39ee61a3aca933866fbd03c9e3a84bc502c3e1a8bb323bb6bc97589e2a4c26f56abacdb66d4df3b6ed586408cc7bce010061443cda68c814146c53ca43
SSDEEP

98304:13mUMdkaoLKauoKPCGKyiruNyQENzOOPsAjbO8RDvfKM:13mUEpauoKx5RKrUAj6EfKM

Score

10^/10

tgtoxic android defense_evasion discovery

Malware Config

Targets

- Target
  
  67a7491b154ac_Agoda.apk
- Size
  
  4.9MB
- MD5
  
  c1c87ded7d894017c31165387894d0d5
- SHA1
  
  916a6be7269dd465ad4e017dd9eb10d8170cbba3
- SHA256
  
  e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02
- SHA512
  
  7be66c39ee61a3aca933866fbd03c9e3a84bc502c3e1a8bb323bb6bc97589e2a4c26f56abacdb66d4df3b6ed586408cc7bce010061443cda68c814146c53ca43
- SSDEEP
  
  98304:13mUMdkaoLKauoKPCGKyiruNyQENzOOPsAjbO8RDvfKM:13mUEpauoKx5RKrUAj6EfKM
Score

1^/10
behavioral1 behavioral2 behavioral3
- Target
  
  base.apk
- Size
  
  3.7MB
- MD5
  
  7531efaf77378e6969b2793ff5a81913
- SHA1
  
  9ffddafba7932be8925a120104fac84ceb71a071
- SHA256
  
  d40e45359546cb801887a38d4adb397327ce4bf0a166192f5f72165471fff10d
- SHA512
  
  acea2e24c2a19ccda810053e22fd46fb33490128f7d0a2560f353c70705608054f11afb1caf8aee2fd0d94746441081ad3503b636df4fe7925b11cfd1a364429
- SSDEEP
  
  98304:M1y8VDJ8nOjywaeY+La5UYHhQewQ7fLDcjzY:4y8Vl8OjIgOqYHmyzDcnY
Score

7^/10

defense_evasion discovery
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  defense_evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
behavioral4

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

defense_evasiondiscovery