Resubmissions

12-08-2024 10:01

240812-l2qxwszfrf 10

12-08-2024 09:53

240812-lw2gfazemb 10

General

  • Target

    launcher.apk

  • Size

    4.6MB

  • Sample

    240812-l2qxwszfrf

  • MD5

    7fbde4b67f91e314a33bcdedc11d77db

  • SHA1

    4313e04400fa4c956ca87aa9c826174f76e50669

  • SHA256

    cdac4cba146d3db7ba03423f2eafaf0f4eefa317a296bc7c9468ef2a6bf21822

  • SHA512

    fcb45d84854255b61c8518d3c408fe32e8d398eb952286730cd24ed5b49b366ffdb67be3046ca66d07778f619fc718247086d68314da83b842a9a4e4a40c5b51

  • SSDEEP

    98304:JCXiQ5mbHlY0akBDBVYEQOL8jSX3mzJzBOFB4TH0tMmFBQkn3O:vRlDayDPNL8jJzcBcYnBQh

Malware Config

Targets

    • Target

      launcher.apk

    • Size

      4.6MB

    • MD5

      7fbde4b67f91e314a33bcdedc11d77db

    • SHA1

      4313e04400fa4c956ca87aa9c826174f76e50669

    • SHA256

      cdac4cba146d3db7ba03423f2eafaf0f4eefa317a296bc7c9468ef2a6bf21822

    • SHA512

      fcb45d84854255b61c8518d3c408fe32e8d398eb952286730cd24ed5b49b366ffdb67be3046ca66d07778f619fc718247086d68314da83b842a9a4e4a40c5b51

    • SSDEEP

      98304:JCXiQ5mbHlY0akBDBVYEQOL8jSX3mzJzBOFB4TH0tMmFBQkn3O:vRlDayDPNL8jJzcBcYnBQh

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Launchs application uninstaller.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

MITRE ATT&CK Mobile v15

Tasks