Analysis
max time kernel: 3s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 30-06-2024 23:09
Static task: static1
Behavioral task: behavioral1, Sample: magis-celular.apk, Resource: android-x64-20240624-en
Behavioral task: behavioral2, Sample: magis-celular.apk, Resource: android-x64-arm64-20240624-en
Behavioral task: behavioral3, Sample: magis-celular.apk, Resource: android-33-x64-arm64-20240624-en
Behavioral task: behavioral4, Sample: magis-celular.apk, Resource: android-x86-arm-20240624-en
General
Target: magis-celular.apk
Size: 28.2MB
MD5: 5db598cce404e50efe1f56cc4c178cfe
SHA1: 11def3c597919b9dc013c7729a007c7e8a5b4a0c
SHA256: 04c06f6aa11948987713ef1f69532203bfab5c953ba72e3247fddaefcbb8f0db
SHA512: c45b64b62f463dcd2ced14a171ca607abaa549e30e5de5e476cfd0c0e31c385b24386e9e61c8f2433c03705731a9e36869b6b902f7b7ffa626d3a17a72f5d598
SSDEEP: 786432:sJZSPOVLQR/mRL581uD/V9CMOy9l5bhILYgImByh8e:sJfVL1581E/LCKDhJmByT
Malware Config
Signatures
Checks Android system properties for emulator presence. 1 TTPs 5 IoCs
Processes:
com.msandroid.mobile
description | ioc | process
Accessed system property key: | ro.bootloader | com.msandroid.mobile
Accessed system property key: | ro.bootmode | com.msandroid.mobile
Accessed system property key: | ro.hardware | com.msandroid.mobile
Accessed system property key: | ro.product.device | com.msandroid.mobile
Accessed system property key: | ro.product.model | com.msandroid.mobile
Checks Qemu related system properties. 1 TTPs 7 IoCs
Checks for Android system properties related to Qemu for Emulator detection.
Processes:
com.msandroid.mobile
description | ioc | process
Accessed system property key: | init.svc.qemud | com.msandroid.mobile
Accessed system property key: | init.svc.qemu-props | com.msandroid.mobile
Accessed system property key: | qemu.hw.mainkeys | com.msandroid.mobile
Accessed system property key: | qemu.sf.fake_camera | com.msandroid.mobile
Accessed system property key: | ro.kernel.android.qemud | com.msandroid.mobile
Accessed system property key: | ro.kernel.qemu.gles | com.msandroid.mobile
Accessed system property key: | ro.kernel.qemu | com.msandroid.mobile
Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
Processes:
com.msandroid.mobile
ioc | process
/dev/socket/qemud | com.msandroid.mobile
/dev/qemu_pipe | com.msandroid.mobile
Checks the presence of a debugger