General
-
Target
MiCaixa.apk
-
Size
7.3MB
-
Sample
241119-ltawpstdmd
-
MD5
4acdfdaedda6b55629b8140777b24e2b
-
SHA1
3d704372c056aa894bccb0ca91a2f34ea282f5c0
-
SHA256
08bbf6e703d84ef4ecb40f3335fb4ecc2a09c058fb886f7dc205d00d4dfafdff
-
SHA512
9b9fcb1bf2d5995793ec135bb1266b809cd4a1c88dc35468735ec50a066ea86e9c1931366cf9e7291c6dce64b48e2807a0f1e4c86c5d7adbbadaad1a72c727ef
-
SSDEEP
196608:Ltkh7pZjbC/5rcKR+mHDQDvDWD6DC1DBDfDWu+:LKpZbg5bR+uE7yukNLx+
Malware Config
Targets
-
-
Target
MiCaixa.apk
-
Size
7.3MB
-
MD5
4acdfdaedda6b55629b8140777b24e2b
-
SHA1
3d704372c056aa894bccb0ca91a2f34ea282f5c0
-
SHA256
08bbf6e703d84ef4ecb40f3335fb4ecc2a09c058fb886f7dc205d00d4dfafdff
-
SHA512
9b9fcb1bf2d5995793ec135bb1266b809cd4a1c88dc35468735ec50a066ea86e9c1931366cf9e7291c6dce64b48e2807a0f1e4c86c5d7adbbadaad1a72c727ef
-
SSDEEP
196608:Ltkh7pZjbC/5rcKR+mHDQDvDWD6DC1DBDfDWu+:LKpZbg5bR+uE7yukNLx+
Score7/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Queries the mobile country code (MCC)
-
Requests accessing notifications (often used to intercept notifications before users become aware).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Impair Defenses
1Prevent Application Removal
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Access Notifications
1Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1