Resubmissions

13/06/2025, 13:37

250613-qw645sam9t 10

09/06/2025, 08:27

250609-kclq7sbp4t 7

01/11/2024, 07:56

241101-js2xpaxjbw 7

30/10/2024, 09:11

241030-k5n22aypbs 7

General

  • Target

    certificado.apk

  • Size

    17.9MB

  • Sample

    241101-js2xpaxjbw

  • MD5

    3701535f51fe33673fef155d43247df5

  • SHA1

    e0eb39589a97a4d576b8f9be9d41cdbfbd177c67

  • SHA256

    e9f2f6e47e071ed2a0df5c75e787b2512ba8a601e55c91ab49ea837fd7a0fc85

  • SHA512

    53e4ef2f7ebf41d3367bf556ba03e32512d4fbeb1aee3c5daa462daf9671fff948b1bcb1a3c531932f79c1cf088eb5bbaaf1d43ed2dee55388d53e30c394eb34

  • SSDEEP

    196608:DS69BN8O5zZcRGGBEbcjxrlzilUasQyOdtkXGXXwcKJmUMGlOrINAHKdMabDu9I:DL0OGBEbc1RasZOdtcugchNXrINnd1

Targets

    • Target

      certificado.apk

    Score
    6/10
    • Checks whether the application is allowed to request package installs through the package installer

      Checks whether the application is allowed to install additional applications (might try to install applications from unknown sources).

    • Declares broadcast receivers with permission to handle system events

    • Declares services with permission to bind to the system

    • Requests dangerous framework permissions

    • Target

      update.apk

    • Size

      8.1MB

    • MD5

      6841b9fe23cde512d040a8eb2a76078e

    • SHA1

      80dd5ed2d4996b409c957ce363831041783f5506

    • SHA256

      73e647287408b2d40f53791b8a387a2f7eb6b1bba1926276e032bf2833354cc4

    • SHA512

      5874ac297770861e4ebe673c68ff1da0fd6c4331b2e6365b90e5c0a8920abd97469bc9b59ad87b5afe65305451d7b42e208b351fbd5a5499de7d625191ec013e

    • SSDEEP

      196608:k5DSkcg1MKk+TwUREMVpy9oQl2FsJe9UacZZoV4:kUg1MlAvEOyyQlxJtZZh

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.

    • Queries the mobile country code (MCC)
