General

  • Target

    Telegram (1).apk

  • Size

    4.5MB

  • Sample

    240809-v5yxcaxcjg

  • MD5

    73d2e3ff807f0f39cc1eb74fd47f2c0e

  • SHA1

    286945d2c5bd1291ae59fd99deac814f35f7a3dc

  • SHA256

    ef4ce3743318a35f9bb801e4fb11653d654b2fdfb4c2b4bb0c66ff7687375798

  • SHA512

    27461584d69b2a34048c40483af3b6f6ce0498c9b099605c376692ecb984dbac79142fb4b96e6c63608b3bc32249445ab03b9149074e4fdfd436ae99a77af0ef

  • SSDEEP

    98304:5wGN/N/q6kw1oDpNEE7TAuaM48Tmz/zBkT80tQpNwk2GKMpt:5wGNIfh7U17zSP4r6Mpt

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.
