General
-
Target
Predator 2.apk
-
Size
3.7MB
-
Sample
241119-d95f9azldw
-
MD5
732b55fe03a3f5e3d69afe5ef525438d
-
SHA1
bfc3d17e88d86258e8e37cb44c7c2d7082ee49c9
-
SHA256
a11ae11a5733dd29842ae1d6431c949ecfedfc4c0b10176131d1e8b3942862f5
-
SHA512
7a2fa9c2bcb47cf2a174d90c2d79caf93ff5e77ea8f624938b74c250c3ea7a88d24bacc953e4c5960817edcf54c5972bff099ca41b1d257bbb39723da7ae6546
-
SSDEEP
49152:XmjUiEZT53/ng3nxdFdKZHymQgG3f6CmzfzdGGFQTOMKJUxYqL0cgc03yL3LGSk:0REvkRySmxG3SCmzfzBqTD0tc0yW
Behavioral task
behavioral1
Sample
Predator 2.apk
Resource
android-33-x64-arm64-20240624-en
Malware Config
Extracted
spynote
5.42.92.97:7771
Targets
-
-
Target
Predator 2.apk
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent its removal.
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Defense Evasion
Foreground Persistence (1)
Hide Artifacts (1)
User Evasion (1)
Impair Defenses (1)
Prevent Application Removal (1)
Input Injection (1)
Discovery
Software Discovery (1)
Security Software Discovery (1)
System Network Connections Discovery (1)