953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b | Triage

Submit
Reports

Overview

overview

8

Static

static

6

953003f273...9b.apk

953003f273...9b.apk

android-10-x64

8

953003f273...9b.apk

android-11-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b
Size

2.7MB
Sample

231220-kbvmqafba3
MD5

aef22255be7749e9638470e7a1a54d62
SHA1

f70a221ed4d27f99935eff00084256c6381dd408
SHA256

953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b
SHA512

2cbdfcc798a78a7363ec99783b3484393aca2e6f14ccfe75e08a6053bc7bdb12d621a95c5bc1edba198a458b1cdc7fbf856284fe95c6f6bde3fb2b6f87ee666b
SSDEEP

49152://UfXySOWuYslgWeLU2N8V91qN/dXQilkoTx2K6leV4Wsbl22y+DPk:/QClWu1vA/xQilkMxd8bl223Dk

Score

8^/10

android evasion stealth trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b.apk

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b.apk

Resource

android-x64-20231215-en

evasion stealth trojan

android-10-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b.apk

Resource

android-x64-arm64-20231215-en

evasion stealth trojan

android-11-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b
- Size
  
  2.7MB
- MD5
  
  aef22255be7749e9638470e7a1a54d62
- SHA1
  
  f70a221ed4d27f99935eff00084256c6381dd408
- SHA256
  
  953003f273f3896aa738e90269366da6d510fe33724712a10471ec9b496fde9b
- SHA512
  
  2cbdfcc798a78a7363ec99783b3484393aca2e6f14ccfe75e08a6053bc7bdb12d621a95c5bc1edba198a458b1cdc7fbf856284fe95c6f6bde3fb2b6f87ee666b
- SSDEEP
  
  49152://UfXySOWuYslgWeLU2N8V91qN/dXQilkoTx2K6leV4Wsbl22y+DPk:/QClWu1vA/xQilkMxd8bl223Dk
Score

8^/10

evasion stealth trojan
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Reads information about phone network operator.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

evasionstealthtrojan

behavioral3

evasionstealthtrojan

© 2018-2025

Terms | Privacy