antidot | e921622a745d25e24a9e84363a5c1f3f7878d7897bb391688996116711e6d6eb | Triage

Sharing

General

Target

NetMirror_APK.apk
Size

15.5MB
Sample

250401-zyjajawxax
MD5

99c49604074e7fd413cfb360021e66fa
SHA1

b72bb967967fa4ceca0f5a47699e24946382b0af
SHA256

e921622a745d25e24a9e84363a5c1f3f7878d7897bb391688996116711e6d6eb
SHA512

16ba534d793476f3727bee3f596717b211d4132cf08d409b6fe98dd49bcd16b88c0044c65a42d318a0343479141580f4f9f774705d9b35790c2031ee38f8170c
SSDEEP

196608:hDHiOsWkDXS8dzPiTKkOdhkOzc3IlMYLIzDT/MNSIOssB+B/7Ks4xfIlr1:S8GPiT+vw3IlmzDLojrs2LZR

Score

10^/10

antidot android discovery evasion execution impact persistence

Malware Config

Targets

- Target
  
  NetMirror_APK.apk
- Size
  
  15.5MB
- MD5
  
  99c49604074e7fd413cfb360021e66fa
- SHA1
  
  b72bb967967fa4ceca0f5a47699e24946382b0af
- SHA256
  
  e921622a745d25e24a9e84363a5c1f3f7878d7897bb391688996116711e6d6eb
- SHA512
  
  16ba534d793476f3727bee3f596717b211d4132cf08d409b6fe98dd49bcd16b88c0044c65a42d318a0343479141580f4f9f774705d9b35790c2031ee38f8170c
- SSDEEP
  
  196608:hDHiOsWkDXS8dzPiTKkOdhkOzc3IlMYLIzDT/MNSIOssB+B/7Ks4xfIlr1:S8GPiT+vw3IlmzDLojrs2LZR
Score

7^/10

discovery evasion execution impact persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Process Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionexecutionimpactpersistence