f2f212d5f659b085a04b6ce4edb2c26ec5568c787df7d0f47505e06d3a6dfece

Analysis

max time kernel
149s
max time network
151s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
27/03/2025, 17:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f2f212d5f659b085a04b6ce4edb2c26ec5568c787df7d0f47505e06d3a6dfece.apk
Size

110KB
MD5

f8c93b4734da55d4d4dbb029a371fde8
SHA1

0e4816057a44f64032b75898c404f402b8ef2d62
SHA256

f2f212d5f659b085a04b6ce4edb2c26ec5568c787df7d0f47505e06d3a6dfece
SHA512

d63f89076ce4596a78f4e03c69767093b7d3f92e1d6d74185a68a839d400803e573c9a9c7add3aeafb3e03006777fb92c42f25dc87c06ebd5000b299460716ee
SSDEEP

3072:SG/dcQ5qvnEQgEf+2/tf8Lhg9Eu3im0BXxsGC72YX:SqdHeEif+2fVmaExs572YX

Score

8^/10

discovery evasion stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4274	anu_bifuulro.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	anu_bifuulro.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	anu_bifuulro.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	anu_bifuulro.app

anu_bifuulro.app
1⤵
- Removes its main activity from the application launcher
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
PID:4274

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads