General

  • Target

    d8086f67d5e8a6b7746a4426ee1575532a848a6c40496b38014800b9c707b694.bin

  • Size

    637KB

  • Sample

    240521-1yr34sbh24

  • MD5

    979662aee27daa88aab13fab18c6b33a

  • SHA1

    f0347b51b69cb833b58e1b16b134ad4fb2b431ca

  • SHA256

    d8086f67d5e8a6b7746a4426ee1575532a848a6c40496b38014800b9c707b694

  • SHA512

    091059696f075e5ae0a6f02972b090cf250299378adcfd7588119ab70fb12d6ca3a382092de9964146a0df594f3da3842eee7190cc959c6b4b7325378569fca4

  • SSDEEP

    12288:W97/BpkcQM1xXa8bBbeQ+uiX0gzCb9N6j2mjm8jEjdUn:W9lpN1xKeBbeQri5z92mjmSEjM

Targets

    • Target

      d8086f67d5e8a6b7746a4426ee1575532a848a6c40496b38014800b9c707b694.bin

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Prevents application removal

      Application may abuse the framework's APIs to prevent removal.

    • Removes its main activity from the application launcher

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
