General

  • Target

    AJGIZU.apk

  • Size

    2.8MB

  • Sample

    240912-zhy12stgle

  • MD5

    44be87a9d995de4dd012b0cd03f47bb0

  • SHA1

    d037dd795cbadc318a9eb6c0a243d72025712a61

  • SHA256

    1e9229bd17bb55be2efe1934f99298beb198f65f76dc957ab3a751cb69d50671

  • SHA512

    982fa879d7a0c784b2077505771da9e1645080de34ba788224789878443e8083f117768b06427e98afddc5a814dc8b61247e9aebc4b9337ba890f5f941697e40

  • SSDEEP

    49152:ebmGscmts7UKs4FGJXJpEsx+iQQG4LT52xB5VPI/+rbfVVUrbiPEVVETplA:eyGsco+FMXJhxTGgTwnPa+tWCP+6A

Malware Config

Targets

    • Target

      AJGIZU.apk

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
