General
-
Target
plutonium.apk
-
Size
5.9MB
-
Sample
241130-t64csasrcp
-
MD5
fd1f099d51e80e346a73992e496e8c9e
-
SHA1
d91722cf30ff865d6835428672247ad93826b0ca
-
SHA256
1818e47351b295de034ba83a726c65cc5e8b776a82607c08249313350e5d8244
-
SHA512
9b684443b7cb9a4b62daa6c23494fd048bd60041fe8ef6d04b028ce1c27735ac689e866c657fdb3aa4739fad7d5e76b5f10008536be9c990021ae096cd1ebcfe
-
SSDEEP
98304:EDxN0bMyr3uqXT3e9mnH6m9GZLM7TFgGnSZmzZaLE9ZcCzBlD0m2TLmaTm:+x+wyr33TxanLIg8SszZaLE9OG
Malware Config
Targets
-
-
Target
plutonium.apk
-
Size
5.9MB
-
MD5
fd1f099d51e80e346a73992e496e8c9e
-
SHA1
d91722cf30ff865d6835428672247ad93826b0ca
-
SHA256
1818e47351b295de034ba83a726c65cc5e8b776a82607c08249313350e5d8244
-
SHA512
9b684443b7cb9a4b62daa6c23494fd048bd60041fe8ef6d04b028ce1c27735ac689e866c657fdb3aa4739fad7d5e76b5f10008536be9c990021ae096cd1ebcfe
-
SSDEEP
98304:EDxN0bMyr3uqXT3e9mnH6m9GZLM7TFgGnSZmzZaLE9ZcCzBlD0m2TLmaTm:+x+wyr33TxanLIg8SszZaLE9OG
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Launchs application uninstaller.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-