908e211ca738bb22eab7ccc03dda70bf6b9c3e163efcde35243e11b26bb5af44 | Triage

Sharing

General

Target

Futv.apk
Size

29.0MB
Sample

250328-srmwtaxycv
MD5

cda3d5066b51df1af4c02f768e20ebe7
SHA1

1a55361e65bf968683cfbc3f530e9674e2e03850
SHA256

908e211ca738bb22eab7ccc03dda70bf6b9c3e163efcde35243e11b26bb5af44
SHA512

c48ec0f49e2bbf086c37aa0a785c1ecf986fcae3db87c753a186c7983a8b48603bd39fc3a53ad8b4f17c38ed967d4fd05249ca1099dc0846e2cccfac24bf803d
SSDEEP

786432:mszZwtOpV7NKKWErgqYJ5xW6nsp2o8Nihr5svKQbkEZ:mstwCTf0pJTJnsp2b05s5bnZ

Score

8^/10

android collection credential_access defense_evasion discovery evasion impact persistence

Malware Config

Targets

- Target
  
  Futv.apk
- Size
  
  29.0MB
- MD5
  
  cda3d5066b51df1af4c02f768e20ebe7
- SHA1
  
  1a55361e65bf968683cfbc3f530e9674e2e03850
- SHA256
  
  908e211ca738bb22eab7ccc03dda70bf6b9c3e163efcde35243e11b26bb5af44
- SHA512
  
  c48ec0f49e2bbf086c37aa0a785c1ecf986fcae3db87c753a186c7983a8b48603bd39fc3a53ad8b4f17c38ed967d4fd05249ca1099dc0846e2cccfac24bf803d
- SSDEEP
  
  786432:mszZwtOpV7NKKWErgqYJ5xW6nsp2o8Nihr5svKQbkEZ:mstwCTf0pJTJnsp2b05s5bnZ
Score

8^/10

discovery evasion impact persistence collection credential_access defense_evasion
- Checks if the Android device is rooted.
  defense_evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

collectioncredential_accessdefense_evasiondiscoveryevasionimpact