General
-
Target
1731033356460.apk
-
Size
4.4MB
-
Sample
241113-gpransxald
-
MD5
f1da843e0caead846edfdefc718f2e3c
-
SHA1
6ac5695bae09b12d19e1a2f83fe9abf05f76e565
-
SHA256
18b7555aacde50facbd5aee8501fae09629e7b6770e0b5793da6432da32a23ee
-
SHA512
0495f04a47bdb4d91c60b41ecc898e671a9c77cdbd67d8339a078522ac1ce315255ae9a297e0efbead4173464207700fed39217b9ac9d531ac83978977f463b7
-
SSDEEP
98304:sILzBZTPmzVSQ0tl0AyQIi+XFzY/XyeRP1juLNp5JdWV4w:zezIl5Ii+VzY/Xykk/WV4w
Malware Config
Targets
-
-
Target
1731033356460.apk
-
Size
4.4MB
-
MD5
f1da843e0caead846edfdefc718f2e3c
-
SHA1
6ac5695bae09b12d19e1a2f83fe9abf05f76e565
-
SHA256
18b7555aacde50facbd5aee8501fae09629e7b6770e0b5793da6432da32a23ee
-
SHA512
0495f04a47bdb4d91c60b41ecc898e671a9c77cdbd67d8339a078522ac1ce315255ae9a297e0efbead4173464207700fed39217b9ac9d531ac83978977f463b7
-
SSDEEP
98304:sILzBZTPmzVSQ0tl0AyQIi+XFzY/XyeRP1juLNp5JdWV4w:zezIl5Ii+VzY/Xykk/WV4w
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1