General

  • Target

    4139bc61833f61365f49dc165aab0ae5

  • Size

    6.7MB

  • Sample

    240517-wzxb1ace85

  • MD5

    4139bc61833f61365f49dc165aab0ae5

  • SHA1

    b5ee6910f2b22d108805099c9b805929ae6b4360

  • SHA256

    2481f133dd3594cbf18859b72faa391a4b34fd5b4261b26383242c756489bf07

  • SHA512

    ae418d555fce03630080ab7b481090cc10599be362c693a50d14d795813fed08a095b93ee877ec70596a926e3a2a9ccf804be5661f9ce5c045cbbabb91ded389

  • SSDEEP

    196608:FrhwQ/pFLOEiXG4orNIoD71Itptr/LM7P:BTpkforSoDJItptr/Q7P

Malware Config

Targets

    • Target

      4139bc61833f61365f49dc165aab0ae5

    • Size

      6.7MB

    • MD5

      4139bc61833f61365f49dc165aab0ae5

    • SHA1

      b5ee6910f2b22d108805099c9b805929ae6b4360

    • SHA256

      2481f133dd3594cbf18859b72faa391a4b34fd5b4261b26383242c756489bf07

    • SHA512

      ae418d555fce03630080ab7b481090cc10599be362c693a50d14d795813fed08a095b93ee877ec70596a926e3a2a9ccf804be5661f9ce5c045cbbabb91ded389

    • SSDEEP

      196608:FrhwQ/pFLOEiXG4orNIoD71Itptr/LM7P:BTpkforSoDJItptr/Q7P

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks