General
-
Target
8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67.bin
-
Size
3.5MB
-
Sample
250302-1xqtnawyds
-
MD5
d427e2c5e2802cdbc7cbd4cb65f890b0
-
SHA1
3ce2d6093dbd45d239b68c267b815c9791759a3b
-
SHA256
8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67
-
SHA512
276ac493cc4028050ed2d87cee9d18fa1efa7cace9cf69ee8d4bea6bd968fc554d3c1a24c92c8cf34c89fe24584e4efa85ec59e5ab59221a0ed60e372ca99f22
-
SSDEEP
98304:oQSyZo4DpCHrRdzxJV9uUj8Tr0nkeF22axCHpBUpF5sr8Tgkbn:oQzhIrRdVBuokqRHCnTdbn
Malware Config
Targets
-
-
Target
8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67.bin
-
Size
3.5MB
-
MD5
d427e2c5e2802cdbc7cbd4cb65f890b0
-
SHA1
3ce2d6093dbd45d239b68c267b815c9791759a3b
-
SHA256
8bf438f8b6916c8abeddc380d835eb6849e7f2606fb487085dd0f6ed14db6d67
-
SHA512
276ac493cc4028050ed2d87cee9d18fa1efa7cace9cf69ee8d4bea6bd968fc554d3c1a24c92c8cf34c89fe24584e4efa85ec59e5ab59221a0ed60e372ca99f22
-
SSDEEP
98304:oQSyZo4DpCHrRdzxJV9uUj8Tr0nkeF22axCHpBUpF5sr8Tgkbn:oQzhIrRdVBuokqRHCnTdbn
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-