Overview

overview

8

Static

static

6

05B5E5C3F1...F3.apk

android-9-x86

8

05B5E5C3F1...F3.apk

android-10-x64

8

05B5E5C3F1...F3.apk

android-11-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    05B5E5C3F137413DA8E304B141F464BDAE154B91B08F97BFBC4A840785517BF3.apk

  • Size

    2.6MB

  • Sample

    240318-xzvc3sgb74

  • MD5

    6b9d7d6258ab2c06167a43cbff62c6f8

  • SHA1

    f16ff8419308676ac32baeecfe9143acc9f2ee61

  • SHA256

    05b5e5c3f137413da8e304b141f464bdae154b91b08f97bfbc4a840785517bf3

  • SHA512

    f383c5cd1162afc331b3babb1328d1574a19708660ffe5860994ccd9a718cce8c1a750a3cdc26d0f86b61b21c78e1fffdd7f7bbafff9b0f4801bc64fce0996a1

  • SSDEEP

    49152:GL41pQ71qEfLow2UZD93yJQJ5GYFGpSUE0EOiLfeJfdJRrv2tfW:GLXpqEfLow2WwQuY8pLMOjJVJZvSW

Score
8/10
androidcollectionevasionstealthtrojan

Malware Config

Targets

    • Target

      05B5E5C3F137413DA8E304B141F464BDAE154B91B08F97BFBC4A840785517BF3.apk

    • Size

      2.6MB

    • MD5

      6b9d7d6258ab2c06167a43cbff62c6f8

    • SHA1

      f16ff8419308676ac32baeecfe9143acc9f2ee61

    • SHA256

      05b5e5c3f137413da8e304b141f464bdae154b91b08f97bfbc4a840785517bf3

    • SHA512

      f383c5cd1162afc331b3babb1328d1574a19708660ffe5860994ccd9a718cce8c1a750a3cdc26d0f86b61b21c78e1fffdd7f7bbafff9b0f4801bc64fce0996a1

    • SSDEEP

      49152:GL41pQ71qEfLow2UZD93yJQJ5GYFGpSUE0EOiLfeJfdJRrv2tfW:GLXpqEfLow2WwQuY8pLMOjJVJZvSW

    Score
    8/10
    collectionevasionstealthtrojan

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks