Overview

overview

8

Static

static

6

8.apk

android-9-x86

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8.apk

  • Size

    4.4MB

  • Sample

    240524-pxfsxacg6x

  • MD5

    03621b63564fa891a5f20f946323d3c6

  • SHA1

    789172c78da45921035932147ae55a61cd74dbf9

  • SHA256

    01a70df936b8d827be6f689ffe9c0b798c45bab8e543106113aa88ddd9c76ec2

  • SHA512

    55965fca9488cf0edbec75418fa2c42b434c205a1d89a48e068024a2d1e7547a909608cc26657aba4891ba5659f8948f11cbeaccf09aa1e241a57b96e246fd55

  • SSDEEP

    98304:HmP2dEvZCQGO17qWa+db9XVHz4co7ePw6b+fRf:GedEvcQGIdbllto7ePfbURf

Score
8/10
androidcollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      8.apk

    • Size

      4.4MB

    • MD5

      03621b63564fa891a5f20f946323d3c6

    • SHA1

      789172c78da45921035932147ae55a61cd74dbf9

    • SHA256

      01a70df936b8d827be6f689ffe9c0b798c45bab8e543106113aa88ddd9c76ec2

    • SHA512

      55965fca9488cf0edbec75418fa2c42b434c205a1d89a48e068024a2d1e7547a909608cc26657aba4891ba5659f8948f11cbeaccf09aa1e241a57b96e246fd55

    • SSDEEP

      98304:HmP2dEvZCQGO17qWa+db9XVHz4co7ePw6b+fRf:GedEvcQGIdbllto7ePfbURf

    Score
    8/10
    collectioncredential_accessdiscoveryevasionexecutionimpactpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence
    behavioral1

MITRE ATT&CK Mobile v15

Tasks