General

  • Target

    aac85152575a598cc55ade1d182f10bb

  • Size

    366KB

  • Sample

    240228-c2g6bahc2y

  • MD5

    aac85152575a598cc55ade1d182f10bb

  • SHA1

    543285bb57e705944858c80d3639440110e03a56

  • SHA256

    e0d3ee34e12845ad99e8e23fd0cfbed54c7640eabea957337dec0176d152f837

  • SHA512

    8fc0e218488c7c3e8f1b01d4f0b68ea7ae971b0fc8cc4882c224fa3c1e441487aa8604ad2598e1ea85572748382e2d4803ec56aeec9cd7fbe0af3f7302f3dcb6

  • SSDEEP

    6144:pDX3PgFSTNvKVcEvVpUowVrK/gU8eqX4BXMHZF+4K6bezMyWUbobjbsbabwEzLOT:pz3PgyNmLLKNMw4C5g4K6b6Qnkawdt

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Listens for changes in the sensor environment (might be used to detect emulation)
