General
-
Target
f01e810de599c765983c775bbbba1b18c14abab61fac8459321fd215a52672ae.bin
-
Size
3.5MB
-
Sample
250309-1xcxsssyey
-
MD5
5575425d89794f40c72e1f388853df09
-
SHA1
7d9c4f38514f2cff9ba23a653e292ea2645dd81b
-
SHA256
f01e810de599c765983c775bbbba1b18c14abab61fac8459321fd215a52672ae
-
SHA512
ad0c8ae07cb21672b094729b6dd02a9eb7e1faca896ea75f3c750fe3a6a945b2f71161ce30a808943a0ef1a49e670e1383049da295543feec863f5c127848b6d
-
SSDEEP
98304:Q0xGhvwDqQ9rFY2mhXKHpBUpF5sr8Tgkbd:bxG6DqYfHCnTdbd
Malware Config
Targets
-
-
Target
f01e810de599c765983c775bbbba1b18c14abab61fac8459321fd215a52672ae.bin
-
Size
3.5MB
-
MD5
5575425d89794f40c72e1f388853df09
-
SHA1
7d9c4f38514f2cff9ba23a653e292ea2645dd81b
-
SHA256
f01e810de599c765983c775bbbba1b18c14abab61fac8459321fd215a52672ae
-
SHA512
ad0c8ae07cb21672b094729b6dd02a9eb7e1faca896ea75f3c750fe3a6a945b2f71161ce30a808943a0ef1a49e670e1383049da295543feec863f5c127848b6d
-
SSDEEP
98304:Q0xGhvwDqQ9rFY2mhXKHpBUpF5sr8Tgkbd:bxG6DqYfHCnTdbd
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Declares services with permission to bind to the system
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-
Requests dangerous framework permissions
-