General

  • Target

    38d93b7e7d43f0e7670a045299b8673da0e081e1894aec443ce0ab9335d7f3a2.bin

  • Size

    686KB

  • Sample

    240713-1zb4aa1fkf

  • MD5

    6edfeb079a7fa8d3b15ea068d8ef585e

  • SHA1

    c7e12167e8d1377c9d1019fbfe1a39f338bc33fe

  • SHA256

    38d93b7e7d43f0e7670a045299b8673da0e081e1894aec443ce0ab9335d7f3a2

  • SHA512

    aee6cb52810ddc4cd0a82d648d12edf07e9b78edeadb8c4a69b3528e1a019ff6a9848aff37a55d364d2397be5ac20b7a164389fd94f66fcb1e1215849daa1571

  • SSDEEP

    12288:8i8sMQ5qRyDCtmkOmjz/n9pwbEkwI19GjbIEVsqxg/yPBkhUyF48kZtVa:0sM5RyDURj7YbvXcbqUi4h2

Targets

    • Target

      38d93b7e7d43f0e7670a045299b8673da0e081e1894aec443ce0ab9335d7f3a2.bin

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the phone number (MSISDN for GSM devices)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Reads information about phone network operator.

    • Tries to add a device administrator.
