General
-
Target
chinhphu0703apk.apk
-
Size
9.4MB
-
Sample
240723-s1cr7szfjb
-
MD5
a98e49daeef03cbc3cc791137204df63
-
SHA1
84814338a199bfd3707a5daf8333c06b0e17a0bc
-
SHA256
3ca565f5fd0b136aed50c9830895f614abf9a4eef3fd5556243bba1111114595
-
SHA512
595e05385f3d72c6a39eab65c99be106eb28c9b554c064abac4f4fcba4996c98cecc9e43bc1bf2de3574708451d0f5f1021fa819bf527875f2c0e66e17c88738
-
SSDEEP
196608:VjVgpi6wrIAJ89JHCKzq/gnnilhKRZ11+X3DCX4tlh67F7vgigz4VCCenYXylgu:osVrRudzyiJATCoN0F7YigkgCekA
Behavioral task
behavioral1
Sample
chinhphu0703apk.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral2
Sample
chinhphu0703apk.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral3
Sample
chinhphu0703apk.apk
Resource
android-33-x64-arm64-20240624-en
Behavioral task
behavioral4
Sample
chinhphu0703apk.apk
Resource
android-x86-arm-20240624-en
Malware Config
Targets
-
-
Target
chinhphu0703apk.apk
-
Size
9.4MB
-
MD5
a98e49daeef03cbc3cc791137204df63
-
SHA1
84814338a199bfd3707a5daf8333c06b0e17a0bc
-
SHA256
3ca565f5fd0b136aed50c9830895f614abf9a4eef3fd5556243bba1111114595
-
SHA512
595e05385f3d72c6a39eab65c99be106eb28c9b554c064abac4f4fcba4996c98cecc9e43bc1bf2de3574708451d0f5f1021fa819bf527875f2c0e66e17c88738
-
SSDEEP
196608:VjVgpi6wrIAJ89JHCKzq/gnnilhKRZ11+X3DCX4tlh67F7vgigz4VCCenYXylgu:osVrRudzyiJATCoN0F7YigkgCekA
-
GoldDigger
GoldDigger is an Android malware that targets various Vietnam banking applications first seen in June 2023.
-
GoldDigger payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the mobile country code (MCC)
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1Discovery
Software Discovery
1Security Software Discovery
1System Information Discovery
2System Network Configuration Discovery
1