General
-
Target
6302ecdac4d5bc87ba4adb70a9b377cc.bin
-
Size
6.8MB
-
Sample
241107-bqf87strgr
-
MD5
e211d9d894049e55705bdab4984c273b
-
SHA1
9fbee457118aeb6028509a712c8f6a17364e30f5
-
SHA256
a9d34a2f42e6b4f41de1ae3325c26db557bb2266b1fc205e776d13778ca43943
-
SHA512
4cd78c2ecfdc0b493f044f5be5d23d42caaacf1204a7d0b721a8761e283cedf5d8dc68cfed1721d89134ad8ff41003496bd080ea5f863ff59e6e08e024d91538
-
SSDEEP
98304:nUSM5whZwRI6m85Mzg9lE91wvo6xqofMcl9p80fX4vWpr+TSKhE+tU539oz:nc5JRHuo4wvoQhl9p/fI6+TSbt53Y
Behavioral task
behavioral1
Sample
33066bfb04c8edd75de98004eba14762823977de63145db399de57c2166d1406.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
33066bfb04c8edd75de98004eba14762823977de63145db399de57c2166d1406.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
33066bfb04c8edd75de98004eba14762823977de63145db399de57c2166d1406.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral4
Sample
childapp.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral5
Sample
childapp.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral6
Sample
childapp.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
33066bfb04c8edd75de98004eba14762823977de63145db399de57c2166d1406.zip
-
Size
12.9MB
-
MD5
6302ecdac4d5bc87ba4adb70a9b377cc
-
SHA1
d1cede3fb707c565b5360da2bfc8ce6d330f96c6
-
SHA256
33066bfb04c8edd75de98004eba14762823977de63145db399de57c2166d1406
-
SHA512
12a8a9fd8808022bc3e646412246de19764d79dd282de29fbc54df02ff94d8070ba212f9a92d0cc1f292deba333b51cf31da81b5c69853c47e24723842134883
-
SSDEEP
196608:0xSLBQc/3zX68vAjC/Pu5z8MBi5nA3wGS+0LPmZ8:0saiD1H2ls5newGwLeZ8
Score
1/10
-
-
Target
childapp.apk
-
Size
9.3MB
-
MD5
b9f9b3f15f1d46b2fcc7603c27fdd162
-
SHA1
d07bb872d7f523e113986690302cd49577d4ddf8
-
SHA256
a2c4875714b92fdaca68879b3227c937d57867479d9975465bc3a8413966342c
-
SHA512
7619ac4ce1e727e56b7abad8663de921fa4ad5145d8100dc3099013f0f89c69d6412db8ecbe4d5a1d9566aecf30e9d2f5b8343ad9d5c9266faae5bcbca4c8583
-
SSDEEP
98304:0OZqx0VfLBQ/kFx3zX6LInnvAjC/D80uemzvzBaTD0tYaWN:exSLBQc/3zX68vAjC/Pu5z8Mk
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-