General

  • Target

    11100195c06f9661288f1cd7551bcdfc88c542bfa194e789e43d7ce0cce626b0.bin

  • Size

    4.5MB

  • Sample

    240828-1wslvszglk

  • MD5

    ebb9792d9af848de975a425ca13236bf

  • SHA1

    ad140aaa14fd1fe7779b26718f2c7522bfdadf7b

  • SHA256

    11100195c06f9661288f1cd7551bcdfc88c542bfa194e789e43d7ce0cce626b0

  • SHA512

    00884c303f499c729127154d3bd664f274dab9d231117d89b61f3a0a05474f3bedc66ae94760c6dfafdecb4684ecdbeee34b7b0f4b73002beeee22768eba6a07

  • SSDEEP

    98304:uQaM8EoiJ1zM7jQmG3fAD0eQD0QD0BD0EqD0nACD0yD0JD0ShM:u4OQmG3fADyDNDADkDC7DnD8DLhM

Malware Config

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Requests accessing notifications (often used to intercept notifications before users become aware).

MITRE ATT&CK Mobile v15

Tasks
