General

  • Target

    8f0bd17f682bdeb169ea0e1012c86a749a6bb466de3bed2feb2ee0e9ead1bcf9

  • Size

    4.1MB

  • Sample

    240618-zkd4nawekd

  • MD5

    468de34b866e9542f1fe58d51d7c9d8a

  • SHA1

    b9f6126e52ce0b61389b9595dc115b5ae77e502e

  • SHA256

    8f0bd17f682bdeb169ea0e1012c86a749a6bb466de3bed2feb2ee0e9ead1bcf9

  • SHA512

    189799386a3930eb5187e2845ec9cf0eb79c6ed4c1959ce596cd6f32340d2160a2501a4bddaa101b1fc87f036cd32f222ff6908df4ec3189876e28d1d7f42027

  • SSDEEP

    49152:TIWTikG9V8r0cguYq5QTOUzdGGrmzmlU0yCS+9Pc3UTLY33tzcmoI+Bg98crw/QD:cX8r0tfTbzBrmzvQTLYtN+BgXtG3o7h

Malware Config

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.

    • Queries information about active data network

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Requests enabling of the accessibility settings.

MITRE ATT&CK Mobile v15

Tasks