Overview

overview

8

Static

static

6

25253744c3...f7.apk

android-9-x86

8

25253744c3...f7.apk

android-10-x64

8

25253744c3...f7.apk

android-11-x64

8

Resubmissions

09/05/2024, 17:36

240509-v6sfysea7w 8

09/05/2024, 17:35

240509-v6evvsea5s 6

09/05/2024, 13:58

240509-q9shxaga24 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25253744c33ab516d6731f8002e8fe590560b3c4d250acd19bad8eab46adfef7.apk

  • Size

    7.0MB

  • Sample

    240509-q9shxaga24

  • MD5

    015fb1c3b18f860a54e0200180bf3fe0

  • SHA1

    d522525c3978c0b800f076c1f11c3b86fa81a594

  • SHA256

    25253744c33ab516d6731f8002e8fe590560b3c4d250acd19bad8eab46adfef7

  • SHA512

    226f4f80a97b2e13de840f5c4aa9a8f7038d2f9285fbe244cced749ccf0a043b4535963cb474a50e595f8310dbae1e87de5cef86b7b27eef1e6273cef3f3c054

  • SSDEEP

    196608:hOFHYvVJnmf0n8BhsUsa0K4tlsG7wzbk1Zn5zuSN:hOFHYznA0nuFsa0rlsGMzYbR7

Score
8/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      25253744c33ab516d6731f8002e8fe590560b3c4d250acd19bad8eab46adfef7.apk

    • Size

      7.0MB

    • MD5

      015fb1c3b18f860a54e0200180bf3fe0

    • SHA1

      d522525c3978c0b800f076c1f11c3b86fa81a594

    • SHA256

      25253744c33ab516d6731f8002e8fe590560b3c4d250acd19bad8eab46adfef7

    • SHA512

      226f4f80a97b2e13de840f5c4aa9a8f7038d2f9285fbe244cced749ccf0a043b4535963cb474a50e595f8310dbae1e87de5cef86b7b27eef1e6273cef3f3c054

    • SSDEEP

      196608:hOFHYvVJnmf0n8BhsUsa0K4tlsG7wzbk1Zn5zuSN:hOFHYznA0nuFsa0rlsGMzYbR7

    Score
    8/10
    collectioncredential_accessdiscoveryevasionimpactpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks