General
Target: 1.1.1.1.apk
Size: 4.5MB
Sample: 240502-1g9ltsff5y
MD5: cc24816e6444f0a3d4c2c55a61eea186
SHA1: 8bf52bf54675db902f34f863ae946424f2924cbc
SHA256: ece54563bcfc4aff039715a122dc95dc7660c194eb61ec93a8ddcc0d43c2505c
SHA512: b552484263091f5ccf39f40c9743c6c19b8dad89baf47b687e795172ed159de458c877d11b0cefd62de81131b543e363fb064246e045e8a77211a5589844ec38
SSDEEP: 98304:y8omkJJupz22PtKXiYL9zmhsaDD5UEJHGbjmz5zBxTz0tcPO7o:yekHuR22wJL3yD5Ucbzt8Yb
Behavioral task: behavioral1
Sample: 1.1.1.1.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: 1.1.1.1.apk
Resource: android-x64-20240221-en
Behavioral task: behavioral3
Sample: 1.1.1.1.apk
Resource: android-x64-arm64-20240221-en
Malware Config
Targets
Target: 1.1.1.1.apk
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Foreground Persistence: 1
Scheduled Task/Job: 1
Defense Evasion
Download New Code at Runtime: 1
Foreground Persistence: 1
Input Injection: 1