General
-
Target
d59a4848b584fdd93eb3d0b554a8df58
-
Size
1.4MB
-
Sample
240501-yd923sha98
-
MD5
d59a4848b584fdd93eb3d0b554a8df58
-
SHA1
c60756e85bc596c61fdd4caf3fec9a0d995c4274
-
SHA256
32e4dee58ea17addc5df4ffb862ab3a8df1697598cb6437f92de4075665812c2
-
SHA512
2c34e5cac3ef7063f5ce145975b6fdd025753005b6352d1f2b83aac9c7cfd15f3e065dffb4aab9c1815626277d8c28ade94e5d7ae8803d7349a9f573fe6a0ee8
-
SSDEEP
24576:UsMX7QNP9BBPhW70qVZybbQe7mPbDYxNR18jregpfOV/4zgdfw:UjodEIqqXQe7ag/8regpfWzd4
Malware Config
Targets
-
-
Target
d59a4848b584fdd93eb3d0b554a8df58
-
Size
1.4MB
-
MD5
d59a4848b584fdd93eb3d0b554a8df58
-
SHA1
c60756e85bc596c61fdd4caf3fec9a0d995c4274
-
SHA256
32e4dee58ea17addc5df4ffb862ab3a8df1697598cb6437f92de4075665812c2
-
SHA512
2c34e5cac3ef7063f5ce145975b6fdd025753005b6352d1f2b83aac9c7cfd15f3e065dffb4aab9c1815626277d8c28ade94e5d7ae8803d7349a9f573fe6a0ee8
-
SSDEEP
24576:UsMX7QNP9BBPhW70qVZybbQe7mPbDYxNR18jregpfOV/4zgdfw:UjodEIqqXQe7ag/8regpfWzd4
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1