23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070 | Triage

Sharing

General

Target

23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070.bin
Size

4.3MB
Sample

240306-1w1x8sbf5x
MD5

c09e5ec180e2ba9ef8229136b7edfd06
SHA1

548747e87edf2d49c1182ce46735517b2a92a613
SHA256

23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070
SHA512

f086bd8304043858cf826beae74280e6e9697051f0405e982e0b60f9f31cc4d02adb02bb418a482ebdc60d25f0319c232b86df2927757976c4fe9cfb8ba687d0
SSDEEP

98304:DQrETnOllY4f8GB0BOydEl1LKTXVquJ+WEFjmYVcysKz2DhTiE:swTOl2s8zdqK5qt1cyxch+E

Score

8^/10

android collection evasion

Malware Config

Targets

- Target
  
  23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070.bin
- Size
  
  4.3MB
- MD5
  
  c09e5ec180e2ba9ef8229136b7edfd06
- SHA1
  
  548747e87edf2d49c1182ce46735517b2a92a613
- SHA256
  
  23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070
- SHA512
  
  f086bd8304043858cf826beae74280e6e9697051f0405e982e0b60f9f31cc4d02adb02bb418a482ebdc60d25f0319c232b86df2927757976c4fe9cfb8ba687d0
- SSDEEP
  
  98304:DQrETnOllY4f8GB0BOydEl1LKTXVquJ+WEFjmYVcysKz2DhTiE:swTOl2s8zdqK5qt1cyxch+E
Score

8^/10

collection evasion
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Requests enabling of the accessibility settings.
- Acquires the wake lock
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Input Injection

Credential Access

Discovery

Lateral Movement

Collection

Screen Capture

Command and Control

Exfiltration

Impact

Input Injection

Tasks

static1

behavioral1

collectionevasion

behavioral2

collectionevasion