681746480927bb0ea963274be95e56ffc5f56aa447003394b40bd9f2f094599c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

681746480927bb0ea963274be95e56ffc5f56aa447003394b40bd9f2f094599c.bin
Size

3.2MB
Sample

240614-apd7sa1dnn
MD5

5980eb10e48de34b102deff85d574be0
SHA1

611f659aaf6cc2ae139ca857b8a80e4a118aa0cc
SHA256

681746480927bb0ea963274be95e56ffc5f56aa447003394b40bd9f2f094599c
SHA512

c1ae0a18f674fc2d3c802d3224ccfaaba65b40596107e4b1b098a47be99ba8ecb070ecf03d1202880a5d2eaf9b00b88836e2b33b6e5043b8257d7e1318c3a7c2
SSDEEP

98304:yWJECs296ETOp2VgUk3XH2ZQvUzfrivHlA:yW6Cs2IwUkkHH08W

Score

7^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  681746480927bb0ea963274be95e56ffc5f56aa447003394b40bd9f2f094599c.bin
- Size
  
  3.2MB
- MD5
  
  5980eb10e48de34b102deff85d574be0
- SHA1
  
  611f659aaf6cc2ae139ca857b8a80e4a118aa0cc
- SHA256
  
  681746480927bb0ea963274be95e56ffc5f56aa447003394b40bd9f2f094599c
- SHA512
  
  c1ae0a18f674fc2d3c802d3224ccfaaba65b40596107e4b1b098a47be99ba8ecb070ecf03d1202880a5d2eaf9b00b88836e2b33b6e5043b8257d7e1318c3a7c2
- SSDEEP
  
  98304:yWJECs296ETOp2VgUk3XH2ZQvUzfrivHlA:yW6Cs2IwUkkHH08W
Score

7^/10

discovery evasion persistence collection credential_access impact
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Input Injection

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Input Capture

GUI Input Capture

Keylogging

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Input Capture

GUI Input Capture

Keylogging

Screen Capture

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Input Injection

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessevasionimpact