General
- Target: LEGO_Star_Wars_TCS_APK.apk
- Size: 30.9MB
- Sample: 250418-mv9bbs1vfy
- MD5: f18677d3c21f36f7253a11e67ea53326
- SHA1: 84696e6685ff472c1c1b87eb318ca502310c80d7
- SHA256: d43bbb754ced809f9b43db609a0af4567c002097219f9caf36d824181dfd3a9a
- SHA512: ab088f5abafbca53ce305309c9fb82ab412962e2b0e04934aa27bd4aa8375f373e1964b982ed1ba368473f6d96565cad18be0236701d8e0d1d55c239d3ba806c
- SSDEEP: 393216:RB4nOsVvmrL89QxnigD3aFwMQ99fGJqt8L3VVhcaoCQzCgJA:f4OsV+X8OggOwtOrHDvpgJA
Behavioral task
behavioral1
- Sample: LEGO_Star_Wars_TCS_APK.apk
- Resource: android-x86-arm-20240910-en
Malware Config
Targets
- Checks if the Android device is rooted.
- Acquires the wake lock
- Makes use of the framework's foreground persistence service: Application may abuse the framework's foreground service to continue running in the foreground.
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks the presence of a debugger
MITRE ATT&CK Mobile v16
Persistence
- Event Triggered Execution (1)
- Broadcast Receivers (1)
- Foreground Persistence (1)
- Scheduled Task/Job (1)
Defense Evasion
- Download New Code at Runtime (1)
- Foreground Persistence (1)
- Virtualization/Sandbox Evasion (2)
- System Checks (2)