General

  • Target

    51f9c37c3eec0b6f8325aa1c8fe64a0615ab920584042df557426473b1270b40.bin.sample

  • Size

    1.8MB

  • Sample

    230118-q9c38aac64

  • MD5

    36cd2ea94bcf9f9a9959dc4c1c489933

  • SHA1

    828c76b5d980c893147bdee72eb3832227aff7f2

  • SHA256

    51f9c37c3eec0b6f8325aa1c8fe64a0615ab920584042df557426473b1270b40

  • SHA512

    d829d6969f53a3b1b929cf6b964af454f4087bb9075afccf0303007409188bac21df06a1cab5bd2615360fae40202fd3dbb1a861ce397a8d09e8ce86bbc102c4

  • SSDEEP

    49152:+/X7k/o4x1XuIEMYnpn2SL40UFi+xYxpEWWKRFd:+/rMr7XuamB264bFiAopJVR

Malware Config

Targets

    • Target

      51f9c37c3eec0b6f8325aa1c8fe64a0615ab920584042df557426473b1270b40.bin.sample

    • Size

      1.8MB

    • MD5

      36cd2ea94bcf9f9a9959dc4c1c489933

    • SHA1

      828c76b5d980c893147bdee72eb3832227aff7f2

    • SHA256

      51f9c37c3eec0b6f8325aa1c8fe64a0615ab920584042df557426473b1270b40

    • SHA512

      d829d6969f53a3b1b929cf6b964af454f4087bb9075afccf0303007409188bac21df06a1cab5bd2615360fae40202fd3dbb1a861ce397a8d09e8ce86bbc102c4

    • SSDEEP

      49152:+/X7k/o4x1XuIEMYnpn2SL40UFi+xYxpEWWKRFd:+/rMr7XuamB264bFiAopJVR

    • BlackRock

      BlackRock is an android banker based on Xerxes banking Trojan.

    • BlackRock payload

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks