General
-
Target
41f9e34b6832c27c1121d8311840959a843a3c1b67e8464646841abd11b9d81c.zip
-
Size
4.6MB
-
Sample
241106-cy4j5ssmct
-
MD5
232a7faf28903b123af03257dbab51c4
-
SHA1
fa7f91ec0a253d93033bee2e3f6dc698925b47cf
-
SHA256
41f9e34b6832c27c1121d8311840959a843a3c1b67e8464646841abd11b9d81c
-
SHA512
5796e760f6abde93e729f39d89b7ccd635ad0e345cee457e0cae21d1dc093e6dd0f6414ebcc8ee4e0568eaf08c648ecf0c74fe1d466a08bb2df7056ae3c1b263
-
SSDEEP
98304:gM1IyJxJldEGwocQNcRNEMemmzozB1T20t8mTq7P9RLk8:kyJddluQNcRNEMeRzq9F+Q8
Malware Config
Targets
-
-
Target
41f9e34b6832c27c1121d8311840959a843a3c1b67e8464646841abd11b9d81c.zip
-
Size
4.6MB
-
MD5
232a7faf28903b123af03257dbab51c4
-
SHA1
fa7f91ec0a253d93033bee2e3f6dc698925b47cf
-
SHA256
41f9e34b6832c27c1121d8311840959a843a3c1b67e8464646841abd11b9d81c
-
SHA512
5796e760f6abde93e729f39d89b7ccd635ad0e345cee457e0cae21d1dc093e6dd0f6414ebcc8ee4e0568eaf08c648ecf0c74fe1d466a08bb2df7056ae3c1b263
-
SSDEEP
98304:gM1IyJxJldEGwocQNcRNEMemmzozB1T20t8mTq7P9RLk8:kyJddluQNcRNEMeRzq9F+Q8
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1