Resubmissions

01/05/2025, 08:49

250501-kq693a1zbw 10

General

  • Target

    WALITEX_1.90.1_UNIVERSE_ROCKMODS.NET.apk

  • Size

    79.0MB

  • Sample

    250501-lk12jaaj8s

  • MD5

    b761aaeb52ea9d8a9ba58e114b60aded

  • SHA1

    8e0e7ff557284b930a1bfca21d311fce71de8064

  • SHA256

    30509b8fec8f3a2ddeee402d92c9fa991173844cfd21635b3a5d2faf85eb50c1

  • SHA512

    bfc88f78a532fdc4ae91f6b9f0193b30266e2bd3f2be698c6d40c9a7207a773745ae4a5dfb911facd91ed17aabd3026d9f4261985c605ef699a1f3469566d24c

  • SSDEEP

    1572864:V0xgZe2o72464BKr0aDozNYueEX8jmuKy55X96cH:Og0d2z4JlzqutsjmuKyL96Q

Targets

    • Target

      WALITEX_1.90.1_UNIVERSE_ROCKMODS.NET.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Reads information about phone network operator.
