General
-
Target
413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip
-
Size
7.5MB
-
Sample
240629-bf48aaxbpb
-
MD5
cec6f790d1bf4316fc09e8869a56f800
-
SHA1
5a780f8b37ad1945e6579931c41eba65c53bd29a
-
SHA256
413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea
-
SHA512
f29f4a0eaa1673c1b331cb91612c232a155a24a781b680f1228c3d0895551a14203e8016531ef948df667818e99e39ae42d5c234acc40840b52ba991fee8b94c
-
SSDEEP
196608:6xNsqmbjiv7b6YKO8OmajWzRMvz1ZHYsTUOPpUF:6s27bVbD8ROzPDTG
Malware Config
Targets
-
-
Target
413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea_NeikiAnalytics.zip
-
Size
7.5MB
-
MD5
cec6f790d1bf4316fc09e8869a56f800
-
SHA1
5a780f8b37ad1945e6579931c41eba65c53bd29a
-
SHA256
413034898b2a7a690e84184fab8a8ec53efa8b0334ee638ca3663cd2e6378eea
-
SHA512
f29f4a0eaa1673c1b331cb91612c232a155a24a781b680f1228c3d0895551a14203e8016531ef948df667818e99e39ae42d5c234acc40840b52ba991fee8b94c
-
SSDEEP
196608:6xNsqmbjiv7b6YKO8OmajWzRMvz1ZHYsTUOPpUF:6s27bVbD8ROzPDTG
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Queries the mobile country code (MCC)
-
Requests allowing to install additional applications from unknown sources.
-
Checks the presence of a debugger
-
-
-
Target
asd.apk
-
Size
6.2MB
-
MD5
37b85e25b40266253daf25aa979681c7
-
SHA1
f0f64c61507eead367f58b281f5b92c4303d13d7
-
SHA256
bff27c506942569abec684c2aa29be1fb0219e6a0d933c1b94b9ee3760c39dea
-
SHA512
d5e72e5080207038b143ae34362ce0d6ef9ea00d4afdcfde40facd3bcbe2e08ace5dac4d137ab6c3a3cb1235804330f69b38c37afd8ace965653b91702a32c36
-
SSDEEP
98304:pk4c3bQmYBeOCQ9FWpsAJPMdCro9K9BZa9J0Hffq/yD1jMFN/iGv1cZ5mUn:pkh3Ue5Q9opsoPMdg9va9O/fqKMFQjZv
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
-
-
Target
base.apk
-
Size
349KB
-
MD5
3c6a0f1543920c307f25f5aa95593e1c
-
SHA1
736cb11893acd0ed47c2fd5781f8fee3264a47d0
-
SHA256
8b3c4522fc039fa9e39d48744bf38ea9d52a07dd01692eb38c51344530691399
-
SHA512
d5a61f7d0d3de1e2000dab6286e6fec07ab6a96fa5b44cb295465a2bc406a24965f649166a4db3001821260f67121def59be5e1d824188f20078d78ff1726ff9
-
SSDEEP
6144:2kjPmXAdeff0myAZ9D4s9hwV1qZPAEkZJOPb5elHvtABOuMIiq7AvREpKeemh0xT:2kiXAdefcmyA7D4jrqZ/mlVBzJIDCF
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-