General

  • Target

    d576f944e1ad344f29902fe75bf25eaf

  • Size

    1.9MB

  • Sample

    220603-gzpjtsfbek

  • MD5

    d576f944e1ad344f29902fe75bf25eaf

  • SHA1

    e8d55c4e83b4a7511fb709e78f9f01402a578b9a

  • SHA256

    7d34aaf84754fb247507681bcd821f9533f24c6d78aa6779a11f4d789d4822ee

  • SHA512

    8c569c426af7d90f723a6717b679e2d5f1686fcbddb19c5167cd0fa2c5e6b23e2ac727c74cc9997c098a5eb127a3cc4a4b00082e8cc58a5e62eafa4a1168b9a7

Malware Config

Targets

    • BlackRock

      BlackRock is an Android banker based on the Xerxes banking Trojan.

    • BlackRock Payload

    • Makes use of the Android framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs an executable file dropped onto the device during analysis.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks