General

  • Target

    fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.bin

  • Size

    3.9MB

  • Sample

    241201-1ylw4aypek

  • MD5

    a8867673095f5e4be8e5a76ddbdec4c3

  • SHA1

    a443f19c03e49927884899da8fd69745e7672d0d

  • SHA256

    fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353

  • SHA512

    2807b0c2d1ff9674399ceb0315b87da1e40b30d9b1ab4123fa2d41e03c4f1b8a675f9f99675d7dfcbbf35750a2c1eff4fc86f0d22810b4b066ef74b44000fc11

  • SSDEEP

    98304:fYX3sLQmf2g5hP75IPe2P4OH3BmNhqM9U2s1xorcIuOb8LYZ:fYsVhtIPeO4OHR20MworcIUYZ

Malware Config

Extracted

  • Family

    godfather

  • C2

    https://t.me/napikozaremossod

Targets

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Performs UI accessibility actions on behalf of the user

      Application may abuse the accessibility service to prevent its removal.
