General
-
Target
SKY Airline.apk
-
Size
12.8MB
-
Sample
240926-zxntma1are
-
MD5
158963d782890ebd106aa0ae739f0be8
-
SHA1
addffd64bcfae1f4cefe5a0c8c06c89b1c9ab7b2
-
SHA256
9d9d7cf8ca99e09b64ef3daa9178c82f2aff63fa6c145b8ede90f9427c3a819a
-
SHA512
4782096a3f9ab0b591dc0b898f98d8cc39f0ce2c3f58e30b4ae6f418758fc0ffa7fd9304ecce14d5a6c9b5abd40b51783cfa1e1d642f910648c018a1e7108e31
-
SSDEEP
393216:QUhtvxX18IAAa0s1ganwj9/ANqLg/+HUn:x4XEawR4N40v
Malware Config
Targets
-
-
Target
SKY Airline.apk
-
Size
12.8MB
-
MD5
158963d782890ebd106aa0ae739f0be8
-
SHA1
addffd64bcfae1f4cefe5a0c8c06c89b1c9ab7b2
-
SHA256
9d9d7cf8ca99e09b64ef3daa9178c82f2aff63fa6c145b8ede90f9427c3a819a
-
SHA512
4782096a3f9ab0b591dc0b898f98d8cc39f0ce2c3f58e30b4ae6f418758fc0ffa7fd9304ecce14d5a6c9b5abd40b51783cfa1e1d642f910648c018a1e7108e31
-
SSDEEP
393216:QUhtvxX18IAAa0s1ganwj9/ANqLg/+HUn:x4XEawR4N40v
Score7/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-