General

  • Target

    16241147540.zip

  • Size

    19.8MB

  • Sample

    240327-lflq2scd4v

  • MD5

    1cd57ae62aff4377054d05678b7aeb4e

  • SHA1

    cfd188f234cc5299432ddf016cf0fea89a58ae5c

  • SHA256

    545e1638a22602271762ce27fac8d4493b2b80b5b5de5abe256cb2934864c782

  • SHA512

    034eba06acf15a58520cf57da06f7174b106dfc36cfa0a25b279c3db0ea9bfc96199e95c932239ff77835b340560dae21f37d4844a594c11f9b23f89c6d9f789

  • SSDEEP

    393216:8N7NET4QlvVjyrOF0Hm6Sh2f1iH1QBSZwGnfpO0YBSCb6Jo6goy2ndpFELow9:8ZNcxvVjyyF0Ta2f1fCwGnhO08SO8RZK

Targets

    • Target

      19e74d9f5649e9180b2b32b95c654e7fe448d989a44c15c9b3c245fa3150df5a

    • Size

      4.5MB

    • MD5

      f0fffd3459637546cf65cff79da1bde7

    • SHA1

      49aae3372d8d63be7b2adf057739429cbebf861b

    • SHA256

      19e74d9f5649e9180b2b32b95c654e7fe448d989a44c15c9b3c245fa3150df5a

    • SHA512

      8a182ca9c9e780a9e0df6c80ca1ab36f89d84312196e7985ae7ac2fc624ba80163514042e610e50548d8c861239633efe20ebe0bf60daffc45430f9e8b855425

    • SSDEEP

      98304:u9hinlhin6Vhinahinx1hin6hinshinUhinxIeZ9o2mH9krEXw:ubCzC6DC8CxjCcCyCKCxN9pmH9kIXw

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Acquires the wake lock

    • Target

      2242164a5dacbf84465af4b36743c4874eac7688a6ebcc44cdc93940ce1d4622

    • Size

      12.9MB

    • MD5

      ecfb0e004eaa80c80e0361785ce2d2f4

    • SHA1

      e078e9d6d27a2c5077e5c9d151df1bcb6a1b0320

    • SHA256

      2242164a5dacbf84465af4b36743c4874eac7688a6ebcc44cdc93940ce1d4622

    • SHA512

      0f5b2a2ae8a510930607a536ab5a57fd76d05c647ffbe43396f3d95fe68408a0ef6ccc4838ef4b5f9b4d2ad6545e6bd9b82fcf476d429b86d9dea5ca1766c1a6

    • SSDEEP

      393216:uLDcQFEEfSc5avdRapbX5/E4VxSxGYoga:uUQGFep1/EAxJga

    • Score

      7/10

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Reads information about phone network operator.

    • Target

      51e4cb5f7ae8defcb429de7a3476de7f4aa60deccd76a17f8aa03d3fddf1a0be

    • Size

      3.8MB

    • MD5

      d340ac0147b45dbdc5b9788637c45cd3

    • SHA1

      46ec355e8e732b54f47524551134a6533a862b86

    • SHA256

      51e4cb5f7ae8defcb429de7a3476de7f4aa60deccd76a17f8aa03d3fddf1a0be

    • SHA512

      6492687b803392669c9e2f480dbc5d5eeeb5f80cfb26d9aded170b6ed9c9538f588732780247b97db1dbe34895d7b26b539e030c5fd6d3cb03544e4ed231af5c

    • SSDEEP

      98304:zxtG2orAN5w/nWsdtfKqYRvtL0KwZ2bmYaDUUmiXY2aBX:zxtG2o0N5aWsdBbY9tYf2ifvXYZBX

    • Score

      7/10

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
