General
Target: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.bin
Size: 128KB
Sample: 241108-2m6b2a1gmp
MD5: bb5ad469d3c5d891d4f24a8b77e40cde
SHA1: 6018e1fe7a1c6300b7592a62f7a6b6e1d20197e7
SHA256: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd
SHA512: b5c888d02641800f6b25e1c5d81e5c0ffa37b4524bb464252965736a68467fa153d92103db78c530bbedd6cea7c27560d552a1977b47e254b6a23d3daeeef309
SSDEEP: 3072:lrv0DzKJ5sITZxpWRklEmYw2p6DuKUm9EjbSEwzQfAuel:lvJ5sITeklcbpKPyjb+cfAuel
Static task: static1

Behavioral task: behavioral1
Sample: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.apk
Resource: android-x86-arm-20240910-en

Behavioral task: behavioral2
Sample: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.apk
Resource: android-x64-arm64-20240910-en
Malware Config
Targets
Target: 016cdef505083d31ad163420531297eea632565b6c3d5e355f2b2486139926bd.bin
- Makes use of the framework's Accessibility service: Retrieves information displayed on the phone screen using AccessibilityService.
- Acquires the wake lock
- Makes use of the framework's foreground persistence service: Application may abuse the framework's foreground service to continue running in the foreground.
- Performs UI accessibility actions on behalf of the user: Application may abuse the accessibility service to prevent its removal.
- Queries the mobile country code (MCC)
- Queries the unique device ID (IMEI, MEID, IMSI)
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution (1)
- Broadcast Receivers (1)
- Foreground Persistence (1)
Defense Evasion
- Download New Code at Runtime (1)
- Foreground Persistence (1)
- Impair Defenses (1)
- Prevent Application Removal (1)
- Input Injection (1)