General

  • Target

    NIVYLC.apk

  • Size

    2.0MB

  • Sample

    240928-md1mvsshje

  • MD5

    efb8b49c23f6554d9fd3def1c25c9618

  • SHA1

    38fa5bb17a6e3ec8c50ab5d436836d940b1b6705

  • SHA256

    659cf2b4d32c29779af3e36b1fdc335acf9290e5b427250aabbec3119f762e18

  • SHA512

    dd1eabe0936b73c603787481d64842281e9cc1d82ba6e9aeb3ddff04b35e1d0d0cbf60bda525b8f2c7390bbc34a3ed3b9b8478e8b68e12bc2e8dd645552bac0e

  • SSDEEP

    49152:Wb/iutLmCd1162ZXNJ/K4ln8aFbE25Tply:0/iut11fXXK4lRFbE2y

Targets

    • Target

      NIVYLC.apk

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
