Analysis
max time kernel: 132s
max time network: 150s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 25/03/2025, 04:22
Behavioral task: behavioral1
Sample: based.apk
Resource: android-33-x64-arm64-20240910-en
5 signatures
150 seconds
General
Target: based.apk
Size: 2.2MB
MD5: 45ef961c0d925aa3ca1e7f943ca673cb
SHA1: ce377d305a967ef4d4c474e0723826109d8a6bd4
SHA256: b64a46693b6cd3d73deb4015243ca3b9c4ad4b1d222e64815ac598a2611604fb
SHA512: 2b5df5e6f957c218e37dac575d3451c80e887e209aa6e4f7dd8517c214da41cacfb717ad7c1157ccb0873c9792286ac4d90c69959ee2cb7eaff9151213cf63a5
SSDEEP: 49152:WQgtYfKUctQ8v2FUFAkHJHCwz2G4ckvbXdvsAS5G5gvY4Rl:pgtbbQ8v2FtwTB4tXRsA9Ol
Score: 7/10
Malware Config
Signatures
Queries the phone number (MSISDN for GSM devices) 1 TTPs
Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
  description: URI accessed for read
  ioc: content://sms/inbox
  Process: com.example.reverseshell2
Queries information about active data network 1 TTPs 1 IoCs
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.example.reverseshell2
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description: Framework service call
  ioc: android.app.job.IJobScheduler.schedule
  Process: com.example.reverseshell2