General
-
Target
56d02524b2ee7df8e4bb5070ab2b480385518d16b8acbbdb0265ee3f1d8e1024.bin
-
Size
3.5MB
-
Sample
250411-12n6ma1tbw
-
MD5
678b025a29837ea87e3921d8b846c531
-
SHA1
3c559ad7f1884c6436043215f9c3498324fa4fa8
-
SHA256
56d02524b2ee7df8e4bb5070ab2b480385518d16b8acbbdb0265ee3f1d8e1024
-
SHA512
7e912619068c322d749fa7024bea4c463a679793201e042b1e02d247abbc0e606289e80e626cc098603120ed33243805e1de7fffa1380267172a9a9981b923c1
-
SSDEEP
98304:CEHjl+YWTgeoc81GWXYQ7eqguHpBUpF5sr8Tgkbx:7HRMglJ1BHCnTdbx
Malware Config
Targets
-
-
Target
56d02524b2ee7df8e4bb5070ab2b480385518d16b8acbbdb0265ee3f1d8e1024.bin
-
Size
3.5MB
-
MD5
678b025a29837ea87e3921d8b846c531
-
SHA1
3c559ad7f1884c6436043215f9c3498324fa4fa8
-
SHA256
56d02524b2ee7df8e4bb5070ab2b480385518d16b8acbbdb0265ee3f1d8e1024
-
SHA512
7e912619068c322d749fa7024bea4c463a679793201e042b1e02d247abbc0e606289e80e626cc098603120ed33243805e1de7fffa1380267172a9a9981b923c1
-
SSDEEP
98304:CEHjl+YWTgeoc81GWXYQ7eqguHpBUpF5sr8Tgkbx:7HRMglJ1BHCnTdbx
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Legitimate hosting services abused for malware hosting/C2
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-