69e2eee9c2eb45651ce6818911f31b6126d168455ee1ac635e601bfa39cf93db

Sharing

Copy URL

Twitter E-mail

General

Target

69e2eee9c2eb45651ce6818911f31b6126d168455ee1ac635e601bfa39cf93db.bin
Size

4.8MB
Sample

231012-r5wkfaed9y
MD5

dabe54762b9c6ce65a89886e1e1cdb29
SHA1

6a249b91cd0d2010c149ef663bca2ae108a3fa5b
SHA256

69e2eee9c2eb45651ce6818911f31b6126d168455ee1ac635e601bfa39cf93db
SHA512

188b3754692d3bed44920a28da92253d92247199c2e1758fee3c42ed6e68ead82af6e64b72d6548d41daf55ffb2ed57cae9170a88509c33223de9bd15dc5ead0
SSDEEP

98304:PcS1Bi2f+pti1eMZ3dghc+hbVhflHsB3Ry8hj0TPe/I/NpFlCzlbf:rsQPee3ShPbV8s823Tqlbf

Score

8^/10

Malware Config

Targets

- Target
  
  69e2eee9c2eb45651ce6818911f31b6126d168455ee1ac635e601bfa39cf93db.bin
- Size
  
  4.8MB
- MD5
  
  dabe54762b9c6ce65a89886e1e1cdb29
- SHA1
  
  6a249b91cd0d2010c149ef663bca2ae108a3fa5b
- SHA256
  
  69e2eee9c2eb45651ce6818911f31b6126d168455ee1ac635e601bfa39cf93db
- SHA512
  
  188b3754692d3bed44920a28da92253d92247199c2e1758fee3c42ed6e68ead82af6e64b72d6548d41daf55ffb2ed57cae9170a88509c33223de9bd15dc5ead0
- SSDEEP
  
  98304:PcS1Bi2f+pti1eMZ3dghc+hbVhflHsB3Ry8hj0TPe/I/NpFlCzlbf:rsQPee3ShPbV8s823Tqlbf
Score

8^/10

evasion stealth trojan
- Makes use of the framework's Accessibility service.
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Removes a system notification.
  evasion
behavioral1 behavioral2
- Target
  
  __xadsdk__remote__final__.jar
- Size
  
  83KB
- MD5
  
  607e65052147713115dd87f0866d504c
- SHA1
  
  5ff2a1c2ebedeb61236c56edfde6406828a05c6c
- SHA256
  
  fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741
- SHA512
  
  2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1
- SSDEEP
  
  1536:eKSS1UbomStT19s4G0/GZzgrF2nPOgfbexVK8RV+0XUv5VzUxwh3MPeUivu5iy:DSYsStT1ZT/ugrFsmgsHWzUxq3MPeUi8
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  actionsQueue.js
- Size
  
  14KB
- MD5
  
  82b447366ff35e410389ffafed6798de
- SHA1
  
  16ab455ac17bf809fbf24f95d9c0dbe030b76f96
- SHA256
  
  2e121b9f6ba6f2df32ac9481262d69c38e9b57d8a1bdeec4054247975d26f925
- SHA512
  
  c2e8f3a0296b295a953624944d366c136f4de82a6c9a5b1cc4d509952b3895cc3672bbc6089b9e1d23d9b20e8012300dd2565fa102e08339726331626bcf957d
- SSDEEP
  
  192:ylpi0RiSH+IGqSCz84o3SCFia31NsjIsjYxqi+MC/RSYFIF8zE4Ogtu69xIOHEMw:mNeICibDI94OnXgPKcc
Score

1^/10
behavioral6 behavioral7
- Target
  
  fyb_iframe_endcard_tmpl.html
- Size
  
  520B
- MD5
  
  7844cba73b7b4b439b587dd501e92d82
- SHA1
  
  25a452bc6886d0e05d4a73da785021fd4c477a04
- SHA256
  
  e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6
- SHA512
  
  f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711
Score

1^/10
behavioral8 behavioral9
- Target
  
  libwbsafeedit
- Size
  
  17KB
- MD5
  
  aec96f5dd76213dc87c7200e439c2f70
- SHA1
  
  d62a8a53d7cf6829bbc3d52c8d8042dfe31d855d
- SHA256
  
  f663c531d179b50d76383f764621a8ae03d0faf98c116c4d7686b7f290317428
- SHA512
  
  49f88b097cf0c1c4c0b2bb738f5f6aaaf6514e1f90d44287a50860d72cbd2718eb227812d184076b57049fa83e1c384cd7b13b42bb8a71b3e816e3daa1efd4dd
- SSDEEP
  
  192:Jds5+qUXzAVseRKCTEdcZdQciesPRgErQMjGxMTuweLvdOxG1Jc:jsLkCTEKqdPi8eLVOxeG
Score

1^/10
behavioral10
- Target
  
  libwbsafeedit_x86_64
- Size
  
  13KB
- MD5
  
  3e0a410d334494bb4f02d7a51a8681ef
- SHA1
  
  f6bbba3fa2c5f043c2b7ac2a47f6cc727c530237
- SHA256
  
  d2d3e44a485655db8137f9840d57fbc6b0652acfc6d5d5f4a91ddb684ba62f7b
- SHA512
  
  b456446f98e23b1f6ed793165abb9896924c4184feb98830fc77a76c0bb8523d61ec9d0b1ad6e442736dbd641c54ad18f1040fd7f7a5498c1eb25ebc69906b1b
- SSDEEP
  
  192:Rbj8pXgVWAk2LLnHAba/m82UFHZGx1l0k7hm:ZjVHk+LgIvxZGQ
Score

1^/10
behavioral11
- Target
  
  mm.js
- Size
  
  49KB
- MD5
  
  4e12ba668622532bf3790cb63e94ce62
- SHA1
  
  4b0cecaf11ccca888defa3e0a48bbec69e7cd23b
- SHA256
  
  a6b55c912c5f82a23fc78aeb570e2656c37ae3007f029c9985f4d372dfe703e8
- SHA512
  
  1d8b066b2db608af5a746d5404a203f724c7ad9990e5f9ecb1396fabbc54d8ecca43d2abb13dde05b4f50c9848d617a02a2c0050f63e3cf25d9fc6a9b7c44885
- SSDEEP
  
  384:0NeICibDI94OnXgPKT6o9WxnyGmRHVJuvcADogX2GJhUunfcNi684fJ4QVwt2G7t:0IIrbJKQxyGCulbAiD
Score

1^/10
behavioral12 behavioral13
- Target
  
  mraid.js
- Size
  
  44KB
- MD5
  
  103bc103a4080ce6931336831b791364
- SHA1
  
  f759cb23d330937c47c9d8af59d9c6c72b7c2d05
- SHA256
  
  d42d20cc7e8a01cb50be9747bcec585654de282d9e21f340e772095cca5d07e3
- SHA512
  
  f25fa39044a8b36ce695b435f2c8583d236ced2361eb0462748d7f126a8536448ca677ab92b0fdaa17527cce333b3e30ee47f8e84616dda31a4cb940c74ced7d
- SSDEEP
  
  384:QNeICibDI94OnXgPKLeALdCW/yi8Ld8U7mPs:QIIrbJK4
Score

1^/10
behavioral14 behavioral15
- Target
  
  resourcesValidator.js
- Size
  
  5KB
- MD5
  
  dfab0f65944aa4e790bbe5f0ad0ec059
- SHA1
  
  46c5b27d1866176bdf148d77cd0061ba61d1146e
- SHA256
  
  f0303ae2bfbeeb5c201de13c957af987813c7a58727ec56314422e504c2d3591
- SHA512
  
  7b782e322e2783d9c2a7f3522fe599a63dfed7a17ef1f3bac53c350a5dfbb7803ede9c28d73239be4641aae5eeb15fc018555d789b8cbab9730fed207da78f54
- SSDEEP
  
  96:Wf1kqKIS0zmV3r5ivFdnziy23zLXY4MqAO6jm11Gt3MBApMsZ3nWp:+1k3IS0zo3r5itdnziyezLXYHqwmUH36
Score

1^/10
behavioral16 behavioral17
- Target
  
  sdkBridge.js
- Size
  
  1KB
- MD5
  
  6e8200c1940a6dc61cf1e1c634431c08
- SHA1
  
  2e37590b46a4e99057c918550302301e722ebeee
- SHA256
  
  23a6dc61850d2c604a171181bdfc7d4aacd853671eae3379614f1bc3b47ea5a9
- SHA512
  
  538537e1ded076388561caa8bdbe5126f9bc5268a98adfb53a449e410f321a4639002c31eb5e98c6b4a9c8db62c3a316383e54c375ec14209a9216b872bd21c8
Score

1^/10
behavioral18 behavioral19
- Target
  
  sdkEventHandler.js
- Size
  
  488B
- MD5
  
  a6e6614a274de0dc32d5a19b58b17ab3
- SHA1
  
  f5080bffdcd02d678717b85714e7468a4749ed1b
- SHA256
  
  b2ae0c00bdc5cf9ef5cdccd608e514e2ac254fabddce28553ca72265c0856f3d
- SHA512
  
  e2e5cc3a71291f36c13b5bd45c0a3cc6afc46156bf93d2a88a21ab20b0b2e0bb7bc2a30d8de286c071f70277341be552f54e621adb3aad1663c74e8ac50f5bad
Score

1^/10
behavioral20 behavioral21
- Target
  
  videoPostRoll.js
- Size
  
  561B
- MD5
  
  48dbb40a1ca0cf6bc7697a26864a7c6e
- SHA1
  
  7ff81a5ba996e2637519086567067cfc0bdcfa99
- SHA256
  
  a7e3a8c3aa5dfa6c65a8466045b8810b28fc639cb827170c886e3fde6cffc54c
- SHA512
  
  02e75098dc061ec33383b025e0f9045a3f2f06a92699319e53db9034360a383b9089df0fe0b6c5751ece5e02b8900812114fcaaf1a6091a450ab728219ee4b3b
Score

1^/10
behavioral22 behavioral23
- Target
  
  vpaid.js
- Size
  
  73KB
- MD5
  
  d9799d6fa8cfdf3e8106ce53363ac5fe
- SHA1
  
  9ba6120e48f24e985e9b4d273f11db0c3e95e096
- SHA256
  
  5ec997e817e32321244a7edbd852d4dd225ce67df92e54c02603d9a23661d95d
- SHA512
  
  3c12474ca367fe70d751746cdcd9ce2454919ccf9dde374ef3abf36e902deb99d3465a980195909cca4837f60ed2ef1c408be49a04ba79625ecd6737fd32ad06
- SSDEEP
  
  1536:F1jhms/F0ELBA+9omGQz/6kpECb6CDlvVCfQbwCrBQ35xCiTm3/PZ3bl0U3jBEro:Fthms/F0ENZ/6kyddW
Score

1^/10
behavioral24 behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Makes use of the framework's Accessibility service.

Removes its main activity from the application launcher

Loads dropped Dex/Jar

Reads information about phone network operator.

Requests disabling of battery optimizations (often used to enable hiding in the background).

Removes a system notification.

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25