General
-
Target
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092.bin
-
Size
3.3MB
-
Sample
240322-1wyg4sca6z
-
MD5
f350c08e3c688e6d140a374c34c0640a
-
SHA1
fcead8bc0c122135b2f4aa07b8f58916418c3c0d
-
SHA256
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092
-
SHA512
aad30d82800ec75332327405c71c563356c180c819862921e7b0f87bfa4b952a5bccb04fa1f6d5e3b78a9f0ed0ff652860e2464f14a02c31222300c50ec646d3
-
SSDEEP
49152:XNNro/+KQdPm9pdGjC76XeSZgRztdHxS5K3m/e0dpfTZS2v4mUqzZ1fNjYs+ly:XNNM3Q09yj1Xe/ztdA5Wf4TZS2p99+0
Static task
static1
Behavioral task
behavioral1
Sample
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Targets
-
-
Target
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092.bin
-
Size
3.3MB
-
MD5
f350c08e3c688e6d140a374c34c0640a
-
SHA1
fcead8bc0c122135b2f4aa07b8f58916418c3c0d
-
SHA256
b68799e9202204e52c39aa134150caf16d4a28a73ef08cbe4bb373e8b8b80092
-
SHA512
aad30d82800ec75332327405c71c563356c180c819862921e7b0f87bfa4b952a5bccb04fa1f6d5e3b78a9f0ed0ff652860e2464f14a02c31222300c50ec646d3
-
SSDEEP
49152:XNNro/+KQdPm9pdGjC76XeSZgRztdHxS5K3m/e0dpfTZS2v4mUqzZ1fNjYs+ly:XNNM3Q09yj1Xe/ztdA5Wf4TZS2p99+0
-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Requests enabling of the accessibility settings.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-