General
-
Target
FilmPLus.apk
-
Size
4.2MB
-
Sample
240812-bxhevayfpp
-
MD5
eed6c87fa4f201145c9ad7852174ec99
-
SHA1
b4a07f0dccb45b0a0614049541d8dcc3a52fdb16
-
SHA256
0c0a65d6e01f1f6da465b0282d1bbb304038bb5c870a53b10ee552182a20ed39
-
SHA512
89fb0bebeff640f0d6bce1771025e887b5d79b71ba208304b078234d8b800fe25f7e92152cfd2ced41d59eb2563b88d849b71339477e3612435ec25a38c273d3
-
SSDEEP
98304:qjpNHJtmt7UrasGk0FhCDTgbyee86JTSg7LAqM5Mv/7XUWta:qFNH+aGTFYTg56wT58pa
Malware Config
Targets
-
-
Target
FilmPLus.apk
-
Size
4.2MB
-
MD5
eed6c87fa4f201145c9ad7852174ec99
-
SHA1
b4a07f0dccb45b0a0614049541d8dcc3a52fdb16
-
SHA256
0c0a65d6e01f1f6da465b0282d1bbb304038bb5c870a53b10ee552182a20ed39
-
SHA512
89fb0bebeff640f0d6bce1771025e887b5d79b71ba208304b078234d8b800fe25f7e92152cfd2ced41d59eb2563b88d849b71339477e3612435ec25a38c273d3
-
SSDEEP
98304:qjpNHJtmt7UrasGk0FhCDTgbyee86JTSg7LAqM5Mv/7XUWta:qFNH+aGTFYTg56wT58pa
Score7/10-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2