Overview

overview

10

Static

static

10

136efade44...8c.apk

android-9-x86

8

136efade44...8c.apk

android-10-x64

8

136efade44...8c.apk

android-11-x64

8

Resubmissions

05-04-2024 10:47

240405-mvz3naad47 10

05-04-2024 10:47

240405-mvsctaad43 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16407610208.zip

  • Size

    4.4MB

  • Sample

    240405-mvz3naad47

  • MD5

    e49dcbe52ef6e08bebc9bd1a21f690bd

  • SHA1

    e2f5307fb28ba809934b87e19623e3013855e3bb

  • SHA256

    eceba679afd1c5d60c4861a2d82ac521d343d5e3adb8cce85effe0802b85d394

  • SHA512

    e1918cd5ecba3b5535de8c49fccd19137e97f2805c3cb49df0b97ffab0cd68d6347db8bd79887867b82f911dce498f3a13fcc6fc4aaf5f1a015a3b96e871e647

  • SSDEEP

    98304:bLtyuSnyS4E2YtSGPPx6F3sfa52gG9uD2irG:bLtzx7EPNwF3Qa5f24G

Score
10/10
irataandroidcollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      136efade44da726858480a9b56aab5a9509e7c04b71fec08e9b779c069632d8c

    • Size

      4.5MB

    • MD5

      f1ae4692dfd5977fdec487bf55119008

    • SHA1

      5469926232601e434617b7f0dce3fc22c9069a3b

    • SHA256

      136efade44da726858480a9b56aab5a9509e7c04b71fec08e9b779c069632d8c

    • SHA512

      1746e032d88afa9a49a4598820fd1c57ba427da43b6f186434a64b1928aef83af32912eedf18f397627ad02ef3d4bb7df7fc5ccde0478ce0e0f04d87527c3033

    • SSDEEP

      98304:4hinthin6thinyhinxdhinihinkhin8hin+MNN90XpBzhc8Hj0CZsjhxwjT1X+1W:OCrC6rCECx7CUC6CiC+MNNIpPc8HYeOo

    Score
    8/10
    collectiondiscoveryevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks