General

  • Target

    launcher.apk

  • Size

    4.6MB

  • Sample

    240808-pyqdqsxcnh

  • MD5

    f633c4fc970d709f2eef6f5272d279fe

  • SHA1

    b0c115e78b79839b26b292b440edb4db7a68c2e8

  • SHA256

    54bdf768561bdc704997ac07d23024d98b8c610fbda31e75e59771158c4ce4a7

  • SHA512

    3161673a39a8989ff939459c5d35e4989d3aa990903f20c359fdc1ea6b7cc008da4896bdab9cd4845ec3d9ec91d04917139448da753545acd3136dcbddf0c17b

  • SSDEEP

    98304:dqZas6mBLUO4DRdanj0ORGhqcmz7zBb3TM0tEK+G8b:4R6rD6n3RGMzZfyt

Targets

    • Target

      launcher.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.
