General
-
Target
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87.apk
-
Size
4.6MB
-
Sample
240920-bk6lxa1cpg
-
MD5
93d05bac003f669b8d0cb9d0ac23a705
-
SHA1
1aa89ec5de22d8698bb299b5c44ad6255efa7dde
-
SHA256
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87
-
SHA512
6e9a1c8da820cf30382cb5a8fadfd6812faf19dc6314ee2956d64b69399d53fabe470049b965c8f8d203811c85f90f238af446d5482bdcf10fb42adbfcf6872f
-
SSDEEP
98304:2FFspr24BaPyjUQCvxvNlvD0eGD0OD0DD0E8D0nAYD0wD0DD0NY1:IF+rEPaCv1NlvDoDnD+D2DCtD5DSDqY1
Behavioral task
behavioral1
Sample
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87.apk
-
Size
4.6MB
-
MD5
93d05bac003f669b8d0cb9d0ac23a705
-
SHA1
1aa89ec5de22d8698bb299b5c44ad6255efa7dde
-
SHA256
29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87
-
SHA512
6e9a1c8da820cf30382cb5a8fadfd6812faf19dc6314ee2956d64b69399d53fabe470049b965c8f8d203811c85f90f238af446d5482bdcf10fb42adbfcf6872f
-
SSDEEP
98304:2FFspr24BaPyjUQCvxvNlvD0eGD0OD0DD0E8D0nAYD0wD0DD0NY1:IF+rEPaCv1NlvDoDnD+D2DCtD5DSDqY1
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries the mobile country code (MCC)
-
Requests accessing notifications (often used to intercept notifications before users become aware).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Impair Defenses
1Prevent Application Removal
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Access Notifications
1Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1