Resubmissions

07/11/2024, 07:07

241107-hxxyvszraq 7

02/11/2024, 16:42

241102-t7nzgszeml 7

General

  • Target

    fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

  • Size

    24.0MB

  • Sample

    241102-t7nzgszeml

  • MD5

    d6f6290c38d02d54b744b611f9f552ea

  • SHA1

    a1c4f0da62946896a5ea8a3bb207586bf37b8452

  • SHA256

    fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

  • SHA512

    72836061d6c68390eddb7a94e36338bc8af88cd4f6dea28fd156ab86bd9aa265d4cfc2341701e745afc085c6c99997756796a543315eefb720dc9c3d42bf7550

  • SSDEEP

    393216:KKVIq36TYlbmOVf6VSmkNS1S9gu4ehUyA0uVnFk3q36TZvzzGCsuNpJbFk5fuE:MtsIOMVST4St0vVnFk3tR/tDdbFkBuE

Targets

    • Target

      fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400

    • Size

      24.0MB

    Score
    1/10
    • Target

      wavvzucu22.png

    • Size

      5.1MB

    • MD5

      0adfa947acd3880f6d6e05c85350b388

    • SHA1

      a2077a02ea901af075f42ba327ad350f07f8dca5

    • SHA256

      fb61250d64af13947366d86122dfa4fa9600cb5b7f4bb900a081cccfbfb487ec

    • SHA512

      c650bb9021042412f6811476edf022a8c92705c2a9f336b366901960c6273c3718e7d68f78fc1c38c68cfd1f2ef45ae64fcf5f19e75ccd44f4ed18a9304c09db

    • SSDEEP

      98304:F/sQQpYSly9aNaHV9EdJ+cpITRo6tJ4Ob34L5HEs4altMvN422A:F/hc09y+cVSr34L5khalWS22A

    Score
    7/10
    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Target

      wavvzucu29.png

    • Size

      5.5MB

    • MD5

      5d51b02f5270a1e1dbb1c96ec1e7940f

    • SHA1

      c6230451d7e487ede0253d33fa7e546ba4d1250e

    • SHA256

      099fce4dd0f15f591f59d9e39d68c669c7ec4e421c113d86605626318e4751b5

    • SHA512

      fe66a795e128b4c5a95e2bde6dceb7e9f644c449480e4f335dd2165b2bf3dfc815f0519400dff2b421049df5b63bb426629d54255fce73c643970e3a2851589e

    • SSDEEP

      98304:WNARYe2HY6cwRWPChfhzJ+cpITSnoQ8yoRNauYQjzClzy1QUWaj4hBR+HWbFkek9:Wq5p6TRWPUfhF+crnx8xWGCs1QNp+2b8

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
