tgtoxic | 42dbab5c073b5a9f6989c7ef67349a361a1d40e9dea93833362dbc50900ddbc6 | Triage

Sharing

General

Target

e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02.zip
Size

4.1MB
Sample

250317-qeb8fatnw5
MD5

0e51b9cfa9eb60e18a8cc627fccc9d3b
SHA1

289de303863cce38ed2baa63405eba5f169a8bbc
SHA256

42dbab5c073b5a9f6989c7ef67349a361a1d40e9dea93833362dbc50900ddbc6
SHA512

69dda0c8c886437c4c7c84fdd7bc7f611b039897a6e9d6cd98d70f31d5cfd134be134e35254e0463203965bad72dcc1c4f822502627a9ebcfb300ed0748d7019
SSDEEP

98304:9rU6BpXaJp6dBrQjOo0067b5PxBAmYKQRFjrT8l2VnNiUSSaU2g+:9bPXauCzzob5PAmYKgVS2VNiCZp+

Score

10^/10

tgtoxic android defense_evasion discovery

Malware Config

Targets

- Target
  
  e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02.apk
- Size
  
  4.9MB
- MD5
  
  c1c87ded7d894017c31165387894d0d5
- SHA1
  
  916a6be7269dd465ad4e017dd9eb10d8170cbba3
- SHA256
  
  e40dc70d94e13e7fc1a58c9b940591bc01c1c37641f2ee61737c7625aa467c02
- SHA512
  
  7be66c39ee61a3aca933866fbd03c9e3a84bc502c3e1a8bb323bb6bc97589e2a4c26f56abacdb66d4df3b6ed586408cc7bce010061443cda68c814146c53ca43
- SSDEEP
  
  98304:13mUMdkaoLKauoKPCGKyiruNyQENzOOPsAjbO8RDvfKM:13mUEpauoKx5RKrUAj6EfKM
Score

1^/10
behavioral1 behavioral2 behavioral3
- Target
  
  base.apk
- Size
  
  3.7MB
- MD5
  
  7531efaf77378e6969b2793ff5a81913
- SHA1
  
  9ffddafba7932be8925a120104fac84ceb71a071
- SHA256
  
  d40e45359546cb801887a38d4adb397327ce4bf0a166192f5f72165471fff10d
- SHA512
  
  acea2e24c2a19ccda810053e22fd46fb33490128f7d0a2560f353c70705608054f11afb1caf8aee2fd0d94746441081ad3503b636df4fe7925b11cfd1a364429
- SSDEEP
  
  98304:M1y8VDJ8nOjywaeY+La5UYHhQewQ7fLDcjzY:4y8Vl8OjIgOqYHmyzDcnY
Score

7^/10

defense_evasion discovery
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  defense_evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Reads information about phone network operator.
  discovery
behavioral4

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

defense_evasiondiscovery