General

  • Target

    51a9cd06be4b8f4217b0e64d3ac6b1d6

  • Size

    2.4MB

  • Sample

    240517-w1g9gacd9z

  • MD5

    51a9cd06be4b8f4217b0e64d3ac6b1d6

  • SHA1

    1b5a70003fcee4f645808e39c77b6dd413f8f095

  • SHA256

    08459eaa71168800b247e15f0c8618f26a920758aafac8eed3d32053fdafc121

  • SHA512

    30c4ac4a93a187ccd49ac56e2b8e702d6852ccf51b8fa078d42d518872c24294809bd1a37ce3e7984077c9e59b94aba1c66585cfb2d28f02b5ffee6eb7f0dcaf

  • SSDEEP

    49152:IrH9opd8WrPq/O/hd/4uEO3LEH0BWH8lg:IrYK+qehd/REuLE0IHGg

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Prevents application removal

      Application may abuse the framework's APIs to prevent removal.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings

    • Acquires the wake lock

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
