General

  • Target

    4ae3654b7ed172b0273e7c7448b0c23c.apk

  • Size

    11.0MB

  • Sample

    240517-wz8d9sce98

  • MD5

    4ae3654b7ed172b0273e7c7448b0c23c

  • SHA1

    f3a4feedd4f62702c65b037a91bd8332d9518c08

  • SHA256

    24e5b2967437dbc1866df3ac1bf776a4960a5a56676b48bb9a143e62849a43d2

  • SHA512

    b44fb63a691d45e2c7feca3cf5b12a065fe4915609b20395658439917c65978a91dc1a23761917facaed0083acf541fa5674b9de54f2d700f578e0e85054e4df

  • SSDEEP

    196608:V7sUd1RWW/lZ6B4K0/2tNdBVHuqdeodZd+5w+mpWAvBoP2aDq0mxpU:V7X+jptNhuqdimHoPHaU

Targets

    • Target

      4ae3654b7ed172b0273e7c7448b0c23c.apk

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Reads the contacts stored on the device.

    • Reads the content of SMS inbox messages.

    • Reads the content of outgoing SMS messages.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
