General

  • Target

    016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.bin

  • Size

    128KB

  • Sample

    241108-2m6b2a1gmp

  • MD5

    bb5ad469d3c5d891d4f24a8b77e40cde

  • SHA1

    6018e1fe7a1c6300b7592a62f7a6b6e1d20197e7

  • SHA256

    016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd

  • SHA512

    b5c888d02641800f6b25e1c5d81e5c0ffa37b4524bb464252965736a68467fa153d92103db78c530bbedd6cea7c27560d552a1977b47e254b6a23d3daeeef309

  • SSDEEP

    3072:lrv0DzKJ5sITZxpWRklEmYw2p6DuKUm9EjbSEwzQfAuel:lvJ5sITeklcbpKPyjb+cfAuel

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)
