General

  • Target

    VirusShare_1c7281343ebeba4487305044fafee2bb

  • Size

    37KB

  • Sample

    240608-wy3sdsfb44

  • MD5

    1c7281343ebeba4487305044fafee2bb

  • SHA1

    1020aaf3c82d6b4470394cdfed85806f732d1203

  • SHA256

    ee02d277152183f6b4df1b846945c2c4d8ce6f15d5eadedbd6bd89542e48ed58

  • SHA512

    c97deda56f7939b5796abfedc473ff1c74bab10ba676c4138f59097b406e802d46096cb97ba17f37c34c130c0958500e05eb742276d743cff3eb17c271246c75

  • SSDEEP

    768:iJ2GYulSKRhF/XOsyhMtEzzHHiNmZGwSdFkM82E6DqYPKFF/z2R:iJ26SKRjXO6ijHKmZKkM8X/Ys/a

Targets

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Reads the content of the call log.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Tries to add a device administrator.
