General
-
Target
boomersbrothel-vip.apk
-
Size
5.4MB
-
Sample
231215-wdak4sgdep
-
MD5
e6f246802ff7822b8fc6573784f94271
-
SHA1
ddcd61cdbbdeca21da83c7fc8a8197e0dba5388f
-
SHA256
7614c139af4efeb16fba0590131dfcb1c506e6f0294d8f194c31b0f0e4946146
-
SHA512
b3268f0fd81e7df9947d2e823302497cc573c5a471b6a2427419b8a1747b1d34d2d3f9978716ee4eceb4b16cc3b5e09ce5fa9439af143af29d05cbb01eb39973
-
SSDEEP
98304:RbIQIFnxIKGxFSzNUTsNCSeb8M7BTccEN1cNC3L5baR6KyQIK80X+yt/dCcPLJ33:R36ntGsNUYMtBtTnXNqVaReA8MYcLJ33
Malware Config
Targets
-
-
Target
boomersbrothel-vip.apk
-
Size
5.4MB
-
MD5
e6f246802ff7822b8fc6573784f94271
-
SHA1
ddcd61cdbbdeca21da83c7fc8a8197e0dba5388f
-
SHA256
7614c139af4efeb16fba0590131dfcb1c506e6f0294d8f194c31b0f0e4946146
-
SHA512
b3268f0fd81e7df9947d2e823302497cc573c5a471b6a2427419b8a1747b1d34d2d3f9978716ee4eceb4b16cc3b5e09ce5fa9439af143af29d05cbb01eb39973
-
SSDEEP
98304:RbIQIFnxIKGxFSzNUTsNCSeb8M7BTccEN1cNC3L5baR6KyQIK80X+yt/dCcPLJ33:R36ntGsNUYMtBtTnXNqVaReA8MYcLJ33
Score6/10-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
childapp.apk
-
Size
9.3MB
-
MD5
03f90a93ebc7efc3d659316ddaf5ad7f
-
SHA1
16f390153e7e20527986d94b59921de1667741a7
-
SHA256
12789207f5b450b2a1c0bcf37bc38d05abf8bcad214e6e5cdcc9ca334213a475
-
SHA512
13ed65e387b779315dc5bc7682a2de9cd4b5dbd0894ad90fb499af30f99f51a508479a0f106a3c3ab28860cc5d48fdda433ea64d2f0145fb16c5ffd13612715a
-
SSDEEP
98304:bnLIST4EuX895UU+Ap6XZjXKnXqyNpFKmzHzBqT90tgxL6:DLI84ZYrVpADCrN3lzEyp
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-