Resubmissions

23-07-2024 15:35

240723-s1kg2szfka 10

29-06-2023 09:07

230629-k3r1xace55 8

General

  • Target

    chinhphu0629.apk

  • Size

    7.7MB

  • Sample

    240723-s1kg2szfka

  • MD5

    7aac62728f4a58575f76141675d9c3d1

  • SHA1

    6c7b71632e495cc74bec7630078e5aae0e6c169a

  • SHA256

    f6aaeed90d51f1d3c270c9b9ca9f0df89f6af484cf657b2edc1d2f4262820a2c

  • SHA512

    a57f5efb452a0f90ef0318dff65b07420d1601e3265895b40438e445c82c10204317d77ea3a2d302961ba879fec0f0a0b8bb16ebbfeab394cae561717bd25959

  • SSDEEP

    196608:r1BG/6TsXbAUTvfOj/gnO28+UUV4HKmqKiPC:R0eS/fOOdUU8oPC

Malware Config

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries the mobile country code (MCC)

    • Requests enabling of the accessibility settings.
