General
-
Target
Telegram (1).apk
-
Size
4.5MB
-
Sample
240809-v5yxcaxcjg
-
MD5
73d2e3ff807f0f39cc1eb74fd47f2c0e
-
SHA1
286945d2c5bd1291ae59fd99deac814f35f7a3dc
-
SHA256
ef4ce3743318a35f9bb801e4fb11653d654b2fdfb4c2b4bb0c66ff7687375798
-
SHA512
27461584d69b2a34048c40483af3b6f6ce0498c9b099605c376692ecb984dbac79142fb4b96e6c63608b3bc32249445ab03b9149074e4fdfd436ae99a77af0ef
-
SSDEEP
98304:5wGN/N/q6kw1oDpNEE7TAuaM48Tmz/zBkT80tQpNwk2GKMpt:5wGNIfh7U17zSP4r6Mpt
Behavioral task
behavioral1
Sample
Telegram (1).apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
Target
Telegram (1).apk
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-