General
-
Target
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2.bin
-
Size
1.5MB
-
Sample
240807-167hrsyfmc
-
MD5
caf8ce8f4987e423481b28b00587ab73
-
SHA1
97845805f238b05440e6bc96421d01de5925668d
-
SHA256
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2
-
SHA512
bcb265526f51135c2a3d5ad750abb0f0664cd121f3a45fd417793d8544e25655f4e9fe629b337f60c5440a9bf82b874a0022f1761064fd4fac5ac99338a4712c
-
SSDEEP
49152:M5EIKco/5XVCHt0Ckhq2sFxYnSk/CL/n2a:MmIZo/5lCHtGhq2ksr/+2a
Behavioral task
behavioral1
Sample
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
anubis
http://localhost:8080/
Targets
-
-
Target
cb27e4531fb2c11b30d7f149a5fdf6b802137b7bc04426dc27e089c6353ed3e2.bin
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests enabling of the accessibility settings.
-