General
Target
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96
Size
43.3MB
Sample
240810-qct1gavdma
MD5
593817f929b0c9b90989053e89a1cfb2
SHA1
ffef2aae0a827e1bb411119ad85e2492020ef493
SHA256
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96
SHA512
6a28b181cd001247a3ff39e0cc67cb883f71944daaf3a6d34e1ddc16313944345158cceb76e84d62c8727e3347e55bad12443be2fcd0589dcbab0bb73a988cfb
SSDEEP
786432:Q5iO1ZpFL5UYMylMBeTeLwPx//YTgjbrbP4Ep5TdGEaWs05FOvF0APm6KEO:s1tiYMylMBMx5YTgnP4Ep5hG0Ie6G
Behavioral task
behavioral1
Sample
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
Target
65c50cc24e0fb8b38c7805fb3ce6a5c748a24400453b14875cf6cfab14884d96
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.

Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

Acquires the wake lock

Legitimate hosting services abused for malware hosting/C2

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Queries information about active data network

Queries the mobile country code (MCC)

Tries to add a device administrator.
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution: 1
  Broadcast Receivers: 1
  Foreground Persistence: 1
  Scheduled Task/Job: 1
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
  Device Administrator Permissions: 1
Defense Evasion
  Foreground Persistence: 1
  Input Injection: 1
  Virtualization/Sandbox Evasion: 2
  System Checks: 2
Credential Access
  Clipboard Data: 1
  Input Capture: 2
  GUI Input Capture: 2
  Keylogging: 1
Discovery
  System Information Discovery: 2
  System Network Configuration Discovery: 1
  System Network Connections Discovery: 1