General

  • Target

    f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c.bin

  • Size

    3.6MB

  • Sample

    241104-1zgc1aybkh

  • MD5

    0257d1c1936ad80ec52accac27d4b737

  • SHA1

    79c6bdc7b910c59d4bab00c42c79fce03f4f948a

  • SHA256

    f49651cff16603e49f07bb4684055b94406aec94b4b4d4ffa014dcc82c84f24c

  • SHA512

    2ec076000a59112d15c3f9cd7c965437f90b9f886ad1fdba9d3849783d72509fc7369c4452592c3e91f4d096567cb1ce66d6c0c985d11f6a0b6ada0213015196

  • SSDEEP

    98304:KO8Qj844FynsR8prR83RMGujqXsQTyZ9JhRz/cb:H44qynZprR8mGqskBK

Targets

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of the SMS messages.

    • Reads the content of the call log.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
