General
-
Target
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0.zip
-
Size
1.4MB
-
Sample
240502-ct8cjaed6t
-
MD5
ea763f5f92a66c49bf09e411ed56aa91
-
SHA1
542e42f9c5bb76a52201f8201c9cb74ef42f6ca9
-
SHA256
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0
-
SHA512
fdc5aa4c570b0e4af513f7f62d64a420ed42d378a1edc4ddb93aeacdb2216be4ed6e0f907170fb22cab2aced2d065792623f34ee0a38a52ccd7e298fd3a7060c
-
SSDEEP
24576:6uEHnPqQ7129BgZCl0e0llmRBfaLuUQFsudmNdhJSOfo5BcCdIuKZgpDAg/4zgdY:buPqxAZCOe0llgwBVSO07XKZgpDFzdgv
Behavioral task
behavioral1
Sample
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Targets
-
-
Target
fe1be052250f53b52017499744451c614e4771a392efa37afeb1b4774d861df0.zip
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-
Acquires the wake lock
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Foreground Persistence: 1
Defense Evasion
Download New Code at Runtime: 1
Foreground Persistence: 1
Input Injection: 1