General

  • Target

    Pm Muft Bijli.apk

  • Size

    6.1MB

  • Sample

    240618-hd7c7a1enf

  • MD5

    e1826f853218817bce658bdfd33bf530

  • SHA1

    361a6b7c9b770c4ab4b7dd3eb39961675fedbbc9

  • SHA256

    92c9360682de82643f4b08ef95e8ed86cdbcb96a5d11e1fd140d402c3707f0c4

  • SHA512

    f307ff09e94969f39e951c46f2a92587add7dd94e8f8852b787445471dddf41eb7555e3d127c4db30cf9ecce7571c5081d94ed384974714cc2aea6f85d9be4a1

  • SSDEEP

    98304:pT4cpu6g+pv4HzRKvlj3inXwiZ5f4ouRRBZrxtHm7+FiRrOSEjiP3:pTl62azYWgikbTltHaIzo3

Targets

    • Target

      Pm Muft Bijli.apk

    • Reads the contacts stored on the device.

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the mobile country code (MCC)
