General
-
Target
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4.bin
-
Size
1.7MB
-
Sample
241005-11kf2sthnm
-
MD5
1a8086535c7b280a500db3159c6afae9
-
SHA1
7580f1ffb02b005c62aa8e4d593008368ae8b816
-
SHA256
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4
-
SHA512
71d329905d388b8ced203a7c387f9ef1d5d8a3cd964238db964814dcfadd0e1ed5187ed4f53d1dc1099793a60f60b0c2547359fde8b987efc06b18bf7fc6e003
-
SSDEEP
24576:AY1odQ9wbamQskLXVXp+ZbuqN9Kw/agT6tYfojb7wURtVXaokcadvf0FLJujE/:AY1ObageZGbuilaPp8+QsFLJh
Behavioral task
behavioral1
Sample
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Extracted
ajina
5.42.75.200:8080
-
target_apps
air.com.ssdsoftwaresolutions.clickuz
am.easypay.easywallet
am.imwallet.android
am.mts.mobidram
am.upay.android
app.ab.banking
arca.am.arca
az.anipay.usermbanking
az.cib.app
az.epul.technopay.android
az.portmanat.app
az.portmanat.newapp
az.pulpal
az.tezpay.app
com.binance.dev
com.eg.android.AlipayGphone
com.fastshift.wallet
com.haypost.haypost_mobile
com.intervale.baitushum
com.ipc_app
com.kp.kompanion
com.kp.megapay.kg
com.m10
com.maanavan.mb_kyrgyzstan
com.mbf.fsclient_android
com.moneybookers.skrillpayments
com.ofss.digx.mobile.android.allied
com.olsoft.mats.prod
com.pyypl
com.safaroff.million_android
com.wefawvevw.app
expressbank.wallet.expresspay
hesab.az
is.siminn.siminnpay
kg.o.nurtelecom
kg.rsk.mb
kz.optimabank.optima
lt.lemonlabs.android.paysera
mpay.emanat
namba.wallet.nambaone
net.humans.fintech_uz
net.kicb.ibankprod
nsp.solutions.kassam
ru.deltapay.puntopago.telcell
ru.mitapp.beeline_wallet
ru.tsk.ftc.bender.qpay
ru.yoo.yoomoney
uz.dida.payme
uz.marokand.upay
uz.paynet.app
uz.paynet.flagship_mobile
uz.soliq.mobile
uz.tune.tenge
Targets
-
-
Target
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4.bin
-
Size
1.7MB
-
MD5
1a8086535c7b280a500db3159c6afae9
-
SHA1
7580f1ffb02b005c62aa8e4d593008368ae8b816
-
SHA256
9ad84e0064d9b478c23ac530fb1d182c02525b99f6c41ca52bddd4bb704661f4
-
SHA512
71d329905d388b8ced203a7c387f9ef1d5d8a3cd964238db964814dcfadd0e1ed5187ed4f53d1dc1099793a60f60b0c2547359fde8b987efc06b18bf7fc6e003
-
SSDEEP
24576:AY1odQ9wbamQskLXVXp+ZbuqN9Kw/agT6tYfojb7wURtVXaokcadvf0FLJujE/:AY1ObageZGbuilaPp8+QsFLJh
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-