Analysis
max time kernel: 157s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 30-06-2024 22:03
Static task: static1
Behavioral task: behavioral1
Sample: 4da3dad20d1e877c77885935039f7cf634e6368cdd511759e1d04ce0300bad87.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 4da3dad20d1e877c77885935039f7cf634e6368cdd511759e1d04ce0300bad87.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: 4da3dad20d1e877c77885935039f7cf634e6368cdd511759e1d04ce0300bad87.apk
Resource: android-x64-arm64-20240624-en
General
Target: 4da3dad20d1e877c77885935039f7cf634e6368cdd511759e1d04ce0300bad87.apk
Size: 4.0MB
MD5: 90507f7715bc0139e2e9584654fc1b73
SHA1: b8c8e9baff187d2cf93ba41c4a91d4e77784a33f
SHA256: 4da3dad20d1e877c77885935039f7cf634e6368cdd511759e1d04ce0300bad87
SHA512: 0eb2373256f58ddc1b5a699c4e602b2478625ae287524c882e4b4a8d8f6b6facdf6435bf37e600cdfcf6eaf91f352f36e987171836d60b26ce383dd5ec12041b
SSDEEP: 98304:e0LmPMYeft07aSH4C6wn2Q/kGuYnoCfc+Y:eHX7aSHDP1NnK
Malware Config
Signatures
- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) [1 TTPs]
- Queries information about active data network [1 TTPs, 1 IoCs]
  Processes:
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.shirley.pingtu.fengjin
- Queries the mobile country code (MCC) [1 TTPs, 1 IoCs]
  Processes:
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.shirley.pingtu.fengjin
- Reads information about the phone network operator [1 TTPs]
- Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
  Processes:
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.shirley.pingtu.fengjin
- Checks memory information [2 TTPs, 1 IoCs]
Processes
Network
MITRE ATT&CK Matrix
Downloads
- /storage/emulated/0/Android/Package.dat
  Filesize: 24B
  MD5: dc24279ca20fc5fb12ca895ae76eb829
  SHA1: c30055ffca5b9ad66f07260047c9be260db39515
  SHA256: 1bd1626eacff33eb12278f510123bbbd9a29f7284927a79f40c4bedbb80fc5ff
  SHA512: d57cdda689cf48c03d4ea9bccefc347fa65df8a8e8f76e7cac833e6058d05e962255ac27c258ce0805c652b18c958a31b5f58326918630409842cee5eafacf70