General
-
Target
045330ef0d19746db919d9945c680fe51e96f9f63c5250a16cf42762061ebea8.bin
-
Size
120KB
-
Sample
240714-1xxl7svbpj
-
MD5
0376b364986dc712556bd56f8981a082
-
SHA1
a60c35b0b7fda8e655c487ccfa1a426251ec1cd1
-
SHA256
045330ef0d19746db919d9945c680fe51e96f9f63c5250a16cf42762061ebea8
-
SHA512
16918b3a7d8fba4c56dc59e09b0d328684cfc1024aa2623475606b1e633758133fbd598bd2e9a54c48b9422b463fd5dcca24cc76e7738f8af73bbfb7fad53a45
-
SSDEEP
3072:TyrKyaL31NosnaKkrX0BVDANUWI8a0w+iR91UR9wR91DR97:TyOXL31Wsa10BVh8u5r1Urwr1Dr7
Malware Config
Targets
-
-
Target
045330ef0d19746db919d9945c680fe51e96f9f63c5250a16cf42762061ebea8.bin
-
Size
120KB
-
MD5
0376b364986dc712556bd56f8981a082
-
SHA1
a60c35b0b7fda8e655c487ccfa1a426251ec1cd1
-
SHA256
045330ef0d19746db919d9945c680fe51e96f9f63c5250a16cf42762061ebea8
-
SHA512
16918b3a7d8fba4c56dc59e09b0d328684cfc1024aa2623475606b1e633758133fbd598bd2e9a54c48b9422b463fd5dcca24cc76e7738f8af73bbfb7fad53a45
-
SSDEEP
3072:TyrKyaL31NosnaKkrX0BVDANUWI8a0w+iR91UR9wR91DR97:TyOXL31Wsa10BVh8u5r1Urwr1Dr7
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
1User Evasion
1Impair Defenses
1Prevent Application Removal
1Input Injection
1