Resubmissions

14-11-2024 13:54

241114-q7t9qazfrb 10

12-11-2024 22:07

241112-113bvs1nhs 10

General

  • Target

    e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9.bin

  • Size

    3.4MB

  • Sample

    241114-q7t9qazfrb

  • MD5

    36794af87e599f3598490a24fb772b91

  • SHA1

    8eb5e5e5092b5abb8d1f3c04c3baf5ab0321a890

  • SHA256

    e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9

  • SHA512

    a2fc5e2cf2990f1d416129b356c37db7dc60e07ce5c74c2d54dd17b9fd66d34bcca8d7ad86c11082501c54b1702cd980106b7ce112c83c0348333a669424ef8e

  • SSDEEP

    98304:PPPWl9BImOCp+CoR9b+0sGC9Pc89Sk5rY03Ldraaj:HPWl9BnO0+59iFx9Pf9Sk577deaj

Malware Config

Targets

    • Target

      e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9.bin

    • Checks known QEMU pipes

      Checks for known pipes used by the Android emulator to communicate with the host (an emulator/sandbox detection check).

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to perform UI actions on behalf of the user, for example to prevent its own removal.

    • Queries information about active data network

    • Reads information about the phone's network operator

    • Requests disabling of battery optimizations (often used to keep running hidden in the background)

MITRE ATT&CK Mobile v15

Tasks