b551587ee971147907be2d9f15bda2c8eb6bccdaf90ff195aaef8bece6ba983c | Triage

Submit
Reports

Overview

overview

8

Static

static

6

Futbolplay.apk

android-9-x86

7

Futbolplay.apk

android-13-x64

8

Sharing

General

Target

Futbolplay.apk
Size

19.4MB
Sample

240630-rlqj3sygpd
MD5

58a29c8a32ef94dc7a57d34f7ba876ef
SHA1

8dfd50b7b4a6cfdf65304b54204d2b2b30d89701
SHA256

b551587ee971147907be2d9f15bda2c8eb6bccdaf90ff195aaef8bece6ba983c
SHA512

ba7e8d4cbed7c276c8dceef5878358bd3a717a6c4ee3213a79ef67cf1a7e3447fec8f178ef6d669085b73a48d47235ee10c21a0797fc9b717add5b1cb654fb98
SSDEEP

393216:kghITr8Du4lCg6pQJu2imVZBALfxccBOdQyYomhbPRISKP32N54Oxo1:Aruu4l6iZiCYPU8r5PR/KPMTxk

Score

8^/10

android collection credential_access discovery evasion impact persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Futbolplay.apk

Resource

android-x86-arm-20240624-en

discovery evasion persistence

android-9-x86

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Futbolplay.apk

Resource

android-33-x64-arm64-20240624-en

collection credential_access discovery evasion impact

android-13-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Futbolplay.apk
- Size
  
  19.4MB
- MD5
  
  58a29c8a32ef94dc7a57d34f7ba876ef
- SHA1
  
  8dfd50b7b4a6cfdf65304b54204d2b2b30d89701
- SHA256
  
  b551587ee971147907be2d9f15bda2c8eb6bccdaf90ff195aaef8bece6ba983c
- SHA512
  
  ba7e8d4cbed7c276c8dceef5878358bd3a717a6c4ee3213a79ef67cf1a7e3447fec8f178ef6d669085b73a48d47235ee10c21a0797fc9b717add5b1cb654fb98
- SSDEEP
  
  393216:kghITr8Du4lCg6pQJu2imVZBALfxccBOdQyYomhbPRISKP32N54Oxo1:Aruu4l6iZiCYPU8r5PR/KPMTxk
Score

8^/10

discovery evasion persistence collection credential_access impact
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpact

© 2018-2024

Terms | Privacy