General
-
Target
xxxxx.apk
-
Size
4.4MB
-
Sample
241114-j4n5zavqcv
-
MD5
17d77bd4d09ea81574ec6a1fd590d306
-
SHA1
aa2c0ae4e3fd5e715a92a288ece0791c44352631
-
SHA256
433afbc9570e18b0bd0d6b1d6b8b61353cd6ad429edd19c7956c84d15867ea8d
-
SHA512
3eb9ce4269eba612cc2c2508b86b649ecf20fd7f3ad0eb7130b43dd1eb8522668ee2bd4f11f51e1d48e038aa6b218ad5217b1ec5b3b059b8abcea680b87c9be7
-
SSDEEP
98304:eX2AWAuKoYvE2+XoAzKtAX/lhuxW2domzDzBbTd0tA4Mtf:eX2NhKo9JXtut0ruNdXzFSN8
Malware Config
Targets
-
-
Target
xxxxx.apk
-
Size
4.4MB
-
MD5
17d77bd4d09ea81574ec6a1fd590d306
-
SHA1
aa2c0ae4e3fd5e715a92a288ece0791c44352631
-
SHA256
433afbc9570e18b0bd0d6b1d6b8b61353cd6ad429edd19c7956c84d15867ea8d
-
SHA512
3eb9ce4269eba612cc2c2508b86b649ecf20fd7f3ad0eb7130b43dd1eb8522668ee2bd4f11f51e1d48e038aa6b218ad5217b1ec5b3b059b8abcea680b87c9be7
-
SSDEEP
98304:eX2AWAuKoYvE2+XoAzKtAX/lhuxW2domzDzBbTd0tA4Mtf:eX2NhKo9JXtut0ruNdXzFSN8
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1