Overview

overview

8

Static

static

6

com-soft24...10.apk

android-10-x64

8

com-soft24...10.apk

android-11-x64

8

com-soft24...10.apk

android-13-x64

8

com-soft24...10.apk

android-9-x86

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    com-soft24hours-dictionaries-dictionary24-16001014-50888794-a78f4c3ba940ecbeed3af47188762410.apk

  • Size

    11.4MB

  • Sample

    250510-g9v5cswny9

  • MD5

    a78f4c3ba940ecbeed3af47188762410

  • SHA1

    1a3bac17f4fa23e07884c5af4ce0ee19d81846a3

  • SHA256

    098d02a237a10379b51354c4ddced889c0ee582b8e3bd72d6e1454a7b92be136

  • SHA512

    4f0fcb2a5eeb0aad6c52c1a45ba0151496ac6fce0360c3edde70c68d55c67a64aeb9158a7f83fbe8d826735d1568543f8da0b1f1bbe8daad20016ea4d8004610

  • SSDEEP

    196608:bPleQUJ6derrm0vEhzoLT19URfMxuAmipNXxQBYMOkVOak5gNTlCP0Bw6g2klGEk:JeQ3e3m0choLT7Mf+VmiN/rkUKJlrwqH

Score
8/10
androidbankercollectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      com-soft24hours-dictionaries-dictionary24-16001014-50888794-a78f4c3ba940ecbeed3af47188762410.apk

    • Size

      11.4MB

    • MD5

      a78f4c3ba940ecbeed3af47188762410

    • SHA1

      1a3bac17f4fa23e07884c5af4ce0ee19d81846a3

    • SHA256

      098d02a237a10379b51354c4ddced889c0ee582b8e3bd72d6e1454a7b92be136

    • SHA512

      4f0fcb2a5eeb0aad6c52c1a45ba0151496ac6fce0360c3edde70c68d55c67a64aeb9158a7f83fbe8d826735d1568543f8da0b1f1bbe8daad20016ea4d8004610

    • SSDEEP

      196608:bPleQUJ6derrm0vEhzoLT19URfMxuAmipNXxQBYMOkVOak5gNTlCP0Bw6g2klGEk:JeQ3e3m0choLT7Mf+VmiN/rkUKJlrwqH

    Score
    8/10
    bankercollectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      defense_evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      defense_evasion
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v16

Tasks