General

  • Target

    apk.apk

  • Size

    4.5MB

  • Sample

    240801-savv4azhrd

  • MD5

    aa1d16f03642f5a036aed99249a4714e

  • SHA1

    268ada1e9b8d223f388ec75eed861050f2ca90e4

  • SHA256

    833a73187650018b167a43e7953f9492dd4a4a4f75fdeb1561b206996c11d7ed

  • SHA512

    70ba9c4f2153f67db5e517f7820ecd97a9f2f34949204f3e234893d52726a15bf581afea9c03b48e304f135e7355c7fe4cde38d537135cd2ab0047eaded5a50f

  • SSDEEP

    98304:tw83u93axuoJiFG/93+BZegYyfbbmrkC1qAshQh4bJAiSFgGO3:tw81v6ehce4sqAHUmiSE

Targets

    • Target

      apk.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
