General
-
Target
childapp.apk
-
Size
5.8MB
-
Sample
241120-j3524ateja
-
MD5
9b988bac1e8cc588927eb592754cd996
-
SHA1
7fe5261cd3643e7e0f723e0e801c844d148efaf6
-
SHA256
55f455189e3a8c607911c14adf0c6b2a40672105106daf85c488ad614508f6b4
-
SHA512
1a99623fa0be0b441083f419af13404d2845946f74760fa58b3c8fcab824e66488e3335dc73b59555cd795a2fc0632f3fb29f56b3196739984350a6d0e699baf
-
SSDEEP
98304:bnEV14nLHNg3cBy8Nyl+D55HzBZKOZm8DUtuKxmzNpT2MiaLEC5dWqSkcBl0mvRg:bnsOnLSc/ylW+8UQzNh2MiaLEC5hSkcy
Malware Config
Targets
-
-
Target
childapp.apk
-
Size
5.8MB
-
MD5
9b988bac1e8cc588927eb592754cd996
-
SHA1
7fe5261cd3643e7e0f723e0e801c844d148efaf6
-
SHA256
55f455189e3a8c607911c14adf0c6b2a40672105106daf85c488ad614508f6b4
-
SHA512
1a99623fa0be0b441083f419af13404d2845946f74760fa58b3c8fcab824e66488e3335dc73b59555cd795a2fc0632f3fb29f56b3196739984350a6d0e699baf
-
SSDEEP
98304:bnEV14nLHNg3cBy8Nyl+D55HzBZKOZm8DUtuKxmzNpT2MiaLEC5dWqSkcBl0mvRg:bnsOnLSc/ylW+8UQzNh2MiaLEC5hSkcy
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1