General
-
Target
voter-helpline.apk
-
Size
18.8MB
-
Sample
240219-vabhkage3y
-
MD5
a2e8794125d79779686777184b123142
-
SHA1
f3aeef1c9ed1f35136835d004c8e9936e38f0b59
-
SHA256
a0aa41eb5601a530bf895f171bf5a28f70f898bc9b6119b3dfd90830d4708a89
-
SHA512
683faa40423dbff94ba19984d35030dbdbf301fea0ffa8307b45e843b7bbfd652019d04da587e17713ac491bb59cbf8727363d6ccba9e29a677d764dea4e3e1b
-
SSDEEP
393216:eElIRgFXjIRoFpQl3cdUFsKFbDWvJM4ymZ5gjZC+Er:eeIuRjIAel3cSFsKFbDWq4fgjZC
Malware Config
Targets
-
-
Target
voter-helpline.apk
-
Size
18.8MB
-
MD5
a2e8794125d79779686777184b123142
-
SHA1
f3aeef1c9ed1f35136835d004c8e9936e38f0b59
-
SHA256
a0aa41eb5601a530bf895f171bf5a28f70f898bc9b6119b3dfd90830d4708a89
-
SHA512
683faa40423dbff94ba19984d35030dbdbf301fea0ffa8307b45e843b7bbfd652019d04da587e17713ac491bb59cbf8727363d6ccba9e29a677d764dea4e3e1b
-
SSDEEP
393216:eElIRgFXjIRoFpQl3cdUFsKFbDWvJM4ymZ5gjZC+Er:eeIuRjIAel3cSFsKFbDWq4fgjZC
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1