f75e26936a8f3b55065cdad25ee3e37bdf94054bc5e242dc72ebb073e4f73c3d | Triage

Resubmissions

31/08/2023, 19:47

230831-yhsnlaaa37 8

31/08/2023, 19:43

230831-yfqffshg3s 8

31/08/2023, 19:36

230831-ybq67ahh83 8

Sharing

Copy URL Twitter E-mail

General

Target

f75e26936a8f3b55065cdad25ee3e37bdf94054bc5e242dc72ebb073e4f73c3d
Size

7.3MB
Sample

230831-yhsnlaaa37
MD5

0b7f5acaf4aa7dc5b5c4afa5c3c16f2d
SHA1

b5d780dc90fcc2534d331f1b369646fdafe523dd
SHA256

f75e26936a8f3b55065cdad25ee3e37bdf94054bc5e242dc72ebb073e4f73c3d
SHA512

ced766814016f4a4ba38c87a895009c87ef63cf68fedab51e0c8f50858ee30e11577b7ad3b21c6071db30721461da46a9011a67447ea38d087ff88d9daf61d39
SSDEEP

196608:hS8UtDZrJpYYbnq86lXKV5Xv9/ZLJnLxn271L4CC7FgBSwM:kDrnhTjZrn

Score

8^/10

android evasion

Malware Config

Targets

- Target
  
  f75e26936a8f3b55065cdad25ee3e37bdf94054bc5e242dc72ebb073e4f73c3d
- Size
  
  7.3MB
- MD5
  
  0b7f5acaf4aa7dc5b5c4afa5c3c16f2d
- SHA1
  
  b5d780dc90fcc2534d331f1b369646fdafe523dd
- SHA256
  
  f75e26936a8f3b55065cdad25ee3e37bdf94054bc5e242dc72ebb073e4f73c3d
- SHA512
  
  ced766814016f4a4ba38c87a895009c87ef63cf68fedab51e0c8f50858ee30e11577b7ad3b21c6071db30721461da46a9011a67447ea38d087ff88d9daf61d39
- SSDEEP
  
  196608:hS8UtDZrJpYYbnq86lXKV5Xv9/ZLJnLxn271L4CC7FgBSwM:kDrnhTjZrn
Score

8^/10

evasion
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1