Analysis
max time kernel: 149s
max time network: 150s
platform: android-10_x64
resource: android-x64-20240910-en
resource tags: arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
submitted: 27/03/2025, 07:41
Static task: static1
Behavioral task: behavioral1
Sample: ca0989544a1511c773cf4f9da165e77a3be6d3b86a7b5484558b274ddc79a4b1.apk
Resource: android-x86-arm-20240910-en
Behavioral task: behavioral2
Sample: ca0989544a1511c773cf4f9da165e77a3be6d3b86a7b5484558b274ddc79a4b1.apk
Resource: android-x64-20240910-en
Behavioral task: behavioral3
Sample: ca0989544a1511c773cf4f9da165e77a3be6d3b86a7b5484558b274ddc79a4b1.apk
Resource: android-x64-arm64-20240910-en
General
Target: ca0989544a1511c773cf4f9da165e77a3be6d3b86a7b5484558b274ddc79a4b1.apk
Size: 1.1MB
MD5: 26f529d46558a35cd93b3f6dc85a213f
SHA1: f3c68a5859d92d3048169dd28da19bb105aa0da5
SHA256: ca0989544a1511c773cf4f9da165e77a3be6d3b86a7b5484558b274ddc79a4b1
SHA512: 56173d3d3ff48ef7a43428ae66a1187a83a2064d0cf3fdb6def5f917e9bc050998a347c131ee88b18750e8ce12689a46adad482e5f0735bba91bec93d024c5ed
SSDEEP: 24576:wqJONrJCTE3x0yCcmMvJO4kc1NWEz1T7hwRq4OaNF:wqJOlt3GyCivJoUII1HhQvOGF
Malware Config
Signatures
pid: 5139; Process: com.qzhaswptmd.abtjut
Loads dropped Dex/Jar [1 TTPs, 1 IoCs]
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/com.qzhaswptmd.abtjut/app_yobqpj/veujwlbpb.jar; pid: 5139; Process: com.qzhaswptmd.abtjut
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]
Queries the phone number (MSISDN for GSM devices) [1 TTPs]
Reads the content of SMS inbox messages. [1 TTPs, 1 IoCs]
description: URI accessed for read; ioc: content://sms/inbox; Process: com.qzhaswptmd.abtjut
Acquires the wake lock [1 IoCs]
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: com.qzhaswptmd.abtjut
Queries information about active data network [1 TTPs, 1 IoCs]
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.qzhaswptmd.abtjut
Queries the unique device ID (IMEI, MEID, IMSI) [1 TTPs]
Reads information about phone network operator. [1 TTPs]
Processes
Network
MITRE ATT&CK Mobile v15
Downloads