General
-
Target
fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400
-
Size
24.0MB
-
Sample
241102-t7nzgszeml
-
MD5
d6f6290c38d02d54b744b611f9f552ea
-
SHA1
a1c4f0da62946896a5ea8a3bb207586bf37b8452
-
SHA256
fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400
-
SHA512
72836061d6c68390eddb7a94e36338bc8af88cd4f6dea28fd156ab86bd9aa265d4cfc2341701e745afc085c6c99997756796a543315eefb720dc9c3d42bf7550
-
SSDEEP
393216:KKVIq36TYlbmOVf6VSmkNS1S9gu4ehUyA0uVnFk3q36TZvzzGCsuNpJbFk5fuE:MtsIOMVST4St0vVnFk3tR/tDdbFkBuE
Static task
static1
Behavioral task
behavioral1
Sample
fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral2
Sample
wavvzucu22.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral3
Sample
wavvzucu29.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
fabdf6f305ed33293ffaac8651657426a6fa4a5bba79d95bf6b3ff481e9e6400
-
Score 1/10
-
-
Target
wavvzucu22.png
-
Size
5.1MB
-
MD5
0adfa947acd3880f6d6e05c85350b388
-
SHA1
a2077a02ea901af075f42ba327ad350f07f8dca5
-
SHA256
fb61250d64af13947366d86122dfa4fa9600cb5b7f4bb900a081cccfbfb487ec
-
SHA512
c650bb9021042412f6811476edf022a8c92705c2a9f336b366901960c6273c3718e7d68f78fc1c38c68cfd1f2ef45ae64fcf5f19e75ccd44f4ed18a9304c09db
-
SSDEEP
98304:F/sQQpYSly9aNaHV9EdJ+cpITRo6tJ4Ob34L5HEs4altMvN422A:F/hc09y+cVSr34L5khalWS22A
Score 7/10
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
-
-
Target
wavvzucu29.png
-
Size
5.5MB
-
MD5
5d51b02f5270a1e1dbb1c96ec1e7940f
-
SHA1
c6230451d7e487ede0253d33fa7e546ba4d1250e
-
SHA256
099fce4dd0f15f591f59d9e39d68c669c7ec4e421c113d86605626318e4751b5
-
SHA512
fe66a795e128b4c5a95e2bde6dceb7e9f644c449480e4f335dd2165b2bf3dfc815f0519400dff2b421049df5b63bb426629d54255fce73c643970e3a2851589e
-
SSDEEP
98304:WNARYe2HY6cwRWPChfhzJ+cpITSnoQ8yoRNauYQjzClzy1QUWaj4hBR+HWbFkek9:Wq5p6TRWPUfhF+crnx8xWGCs1QNp+2b8
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-