General

  • Target

    Live Tiktok.apk

  • Size

    3.3MB

  • Sample

    240913-xe42sasclr

  • MD5

    4106bc5d5551761b8dfeacc47217563b

  • SHA1

    03f9de2ddd7dd96d20d1f06ac3db900b890c73c9

  • SHA256

    c7e0f6bec293dc451cfd65030dcf6b847c83ec252cf62c2722ad96cb7aaeb069

  • SHA512

    89e267ab76e38625955e10c8fc629fa02701ea6ed95c46c07ea8adea579e5d3a6be186862f320c632aa54a00cb526a307d40257bd75d630b5d62125e9baa3821

  • SSDEEP

    49152:P3BzBInlSy8vOFOJ+B2dvBSWDmH/tyEY+jWL9xuKU2L7wuzP/M+4IJj8YarJig9M:p1IlSy86OJ+BKBf0/9CRvUWDM+vJoltC

Targets

    • Target

      Live Tiktok.apk

    • 888RAT

      888RAT is an Android remote administration tool.

    • Acquires the wake lock

    • Declares services with permission to bind to the system

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests dangerous framework permissions
