General
-
Target
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05.bin
-
Size
4.5MB
-
Sample
240708-1yah3atdkf
-
MD5
7a4e9e5692e0031e130dbc41f3d74b82
-
SHA1
87f852299fcbc26dcbd2b13863a8a6b95a7eb887
-
SHA256
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05
-
SHA512
297a725164845d8979ae56d44dfd97ed8ac375dc4d006acdc006d7f454a46eab36e2ee1195b34888d7cd327b2ab94424a5f6654d114269c8a4b65aecb2a620dd
-
SSDEEP
98304:xvfDsApBsi94NI1XiTMJwKgMQSrxD0edD0ND0YD0EvD0nALD0LD0sD0/0G:5g+V4NI4TMJwKrQUD3D0DdD5DCODKD1a
Behavioral task
behavioral1
Sample
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05.bin
-
Size
4.5MB
-
MD5
7a4e9e5692e0031e130dbc41f3d74b82
-
SHA1
87f852299fcbc26dcbd2b13863a8a6b95a7eb887
-
SHA256
790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05
-
SHA512
297a725164845d8979ae56d44dfd97ed8ac375dc4d006acdc006d7f454a46eab36e2ee1195b34888d7cd327b2ab94424a5f6654d114269c8a4b65aecb2a620dd
-
SSDEEP
98304:xvfDsApBsi94NI1XiTMJwKgMQSrxD0edD0ND0YD0EvD0nALD0LD0sD0/0G:5g+V4NI4TMJwKrQUD3D0DdD5DCODKD1a
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries the mobile country code (MCC)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Impair Defenses
1Prevent Application Removal
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1