General
-
Target
21310653d1745a48221fe9047bef6a9337230178fe42f10621d0f7a2cb1d5f41.bin
-
Size
3.5MB
-
Sample
250409-1737qstpx7
-
MD5
2e475aa3f666a9d8db5d3115c7854353
-
SHA1
fa00c9230aa5f589a12927ed3a63fac99516a84b
-
SHA256
21310653d1745a48221fe9047bef6a9337230178fe42f10621d0f7a2cb1d5f41
-
SHA512
a8a685706f294b94dbb4a12f6a3ab49224b50960f8791c04fd9cd5455ba5be4fdd2d861779c74f869c6ffbafa4443bc233369df458095831e5b491fc4c7e6ea0
-
SSDEEP
98304:W9+oFv8T/N/GODie+PlbwevYHpBUpF5sr8Tgkbn:YFUrN9IjwHCnTdbn
Malware Config
Targets
-
-
Target
21310653d1745a48221fe9047bef6a9337230178fe42f10621d0f7a2cb1d5f41.bin
-
Size
3.5MB
-
MD5
2e475aa3f666a9d8db5d3115c7854353
-
SHA1
fa00c9230aa5f589a12927ed3a63fac99516a84b
-
SHA256
21310653d1745a48221fe9047bef6a9337230178fe42f10621d0f7a2cb1d5f41
-
SHA512
a8a685706f294b94dbb4a12f6a3ab49224b50960f8791c04fd9cd5455ba5be4fdd2d861779c74f869c6ffbafa4443bc233369df458095831e5b491fc4c7e6ea0
-
SSDEEP
98304:W9+oFv8T/N/GODie+PlbwevYHpBUpF5sr8Tgkbn:YFUrN9IjwHCnTdbn
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-