General

  • Target

    Telegram.apk

  • Size

    4.5MB

  • Sample

    240809-vv8c2ataqm

  • MD5

    71167d18c59ea85812652962be8e23b5

  • SHA1

    d53ed67ab4ccaf5bf3a0c3c27cc6b09f3758434b

  • SHA256

    ed7c636ac7023173d2278b73cc79153f1273f3c6cf8068b04344599085f73c63

  • SHA512

    718117edb35715eb7be60f0863a3802b460f08996accee1282344b3354d4c418bce9cc8c2d284ec1dac4a7695aeb87ac6ae7776cc69c42598e360925de2ce7c8

  • SSDEEP

    98304:lIMB3ivpmFGwKXPQ+PixIzCq/52mz5zB0TL0tglNwYeors:9kRsGwi6ITDzc0srO

Malware Config

Targets

    • Target

      Telegram.apk

    • Size

      4.5MB

    • MD5

      71167d18c59ea85812652962be8e23b5

    • SHA1

      d53ed67ab4ccaf5bf3a0c3c27cc6b09f3758434b

    • SHA256

      ed7c636ac7023173d2278b73cc79153f1273f3c6cf8068b04344599085f73c63

    • SHA512

      718117edb35715eb7be60f0863a3802b460f08996accee1282344b3354d4c418bce9cc8c2d284ec1dac4a7695aeb87ac6ae7776cc69c42598e360925de2ce7c8

    • SSDEEP

      98304:lIMB3ivpmFGwKXPQ+PixIzCq/52mz5zB0TL0tglNwYeors:9kRsGwi6ITDzc0srO

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

MITRE ATT&CK Mobile v15

Tasks