General
-
Target
e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9.bin
-
Size
3.4MB
-
Sample
241114-q7t9qazfrb
-
MD5
36794af87e599f3598490a24fb772b91
-
SHA1
8eb5e5e5092b5abb8d1f3c04c3baf5ab0321a890
-
SHA256
e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9
-
SHA512
a2fc5e2cf2990f1d416129b356c37db7dc60e07ce5c74c2d54dd17b9fd66d34bcca8d7ad86c11082501c54b1702cd980106b7ce112c83c0348333a669424ef8e
-
SSDEEP
98304:PPPWl9BImOCp+CoR9b+0sGC9Pc89Sk5rY03Ldraaj:HPWl9BnO0+59iFx9Pf9Sk577deaj
Behavioral task
behavioral1
Sample
e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9.apk
Resource
android-33-x64-arm64-20240624-es
Malware Config
Targets
-
-
Target
e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9.bin
-
Size
3.4MB
-
MD5
36794af87e599f3598490a24fb772b91
-
SHA1
8eb5e5e5092b5abb8d1f3c04c3baf5ab0321a890
-
SHA256
e9515238f096e249a73b7cce538cc54dd890f71dfb972e9b830fafa4b52051a9
-
SHA512
a2fc5e2cf2990f1d416129b356c37db7dc60e07ce5c74c2d54dd17b9fd66d34bcca8d7ad86c11082501c54b1702cd980106b7ce112c83c0348333a669424ef8e
-
SSDEEP
98304:PPPWl9BImOCp+CoR9b+0sGC9Pc89Sk5rY03Ldraaj:HPWl9BnO0+59iFx9Pf9Sk577deaj
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries information about active data network
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Defense Evasion
Foreground Persistence
1Hide Artifacts
1User Evasion
1Impair Defenses
1Prevent Application Removal
1Input Injection
1Virtualization/Sandbox Evasion
1System Checks
1Discovery
Process Discovery
1System Network Configuration Discovery
1System Network Connections Discovery
1