General
-
Target
BLACK RUSSIA [ONESHOT].apk
-
Size
4.8MB
-
Sample
240810-q7j4rasclm
-
MD5
ee0d85288097c9a5ee390610ee6d2713
-
SHA1
97263f1108d7baadcfc9cae12330f4d1f51cebbc
-
SHA256
7dadfa7cf63f9416d06dcc29978a11e4c7ebc8e9405d906451fc21de366432a4
-
SHA512
5c82c2300011dbee04c3b175abc562975a2863a8ede28ef8bcae099e4b629474a24d795efed4efda14dd77ee65d33c68dc818afd3e6967410f9d23646732efcb
-
SSDEEP
98304:YQMVWUKbKLyqK15iegikmzfzB/Tl0tQywPb:3M7KDqf1iDzh6rA
Behavioral task
behavioral1
Sample
BLACK RUSSIA [ONESHOT].apk
Resource
android-x64-20240624-en
Behavioral task
behavioral2
Sample
BLACK RUSSIA [ONESHOT].apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
BLACK RUSSIA [ONESHOT].apk
-
Size
4.8MB
-
MD5
ee0d85288097c9a5ee390610ee6d2713
-
SHA1
97263f1108d7baadcfc9cae12330f4d1f51cebbc
-
SHA256
7dadfa7cf63f9416d06dcc29978a11e4c7ebc8e9405d906451fc21de366432a4
-
SHA512
5c82c2300011dbee04c3b175abc562975a2863a8ede28ef8bcae099e4b629474a24d795efed4efda14dd77ee65d33c68dc818afd3e6967410f9d23646732efcb
-
SSDEEP
98304:YQMVWUKbKLyqK15iegikmzfzB/Tl0tQywPb:3M7KDqf1iDzh6rA
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries the mobile country code (MCC)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Impair Defenses
1Prevent Application Removal
1Indicator Removal on Host
1Uninstall Malicious Application
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1Discovery
Software Discovery
1Security Software Discovery
1System Information Discovery
2System Network Configuration Discovery
1