General
-
Target
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.bin
-
Size
3.9MB
-
Sample
241201-1ylw4aypek
-
MD5
a8867673095f5e4be8e5a76ddbdec4c3
-
SHA1
a443f19c03e49927884899da8fd69745e7672d0d
-
SHA256
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353
-
SHA512
2807b0c2d1ff9674399ceb0315b87da1e40b30d9b1ab4123fa2d41e03c4f1b8a675f9f99675d7dfcbbf35750a2c1eff4fc86f0d22810b4b066ef74b44000fc11
-
SSDEEP
98304:fYX3sLQmf2g5hP75IPe2P4OH3BmNhqM9U2s1xorcIuOb8LYZ:fYsVhtIPeO4OHR20MworcIUYZ
Behavioral task
behavioral1
Sample
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
godfather
https://t.me/napikozaremossod
Targets
-
-
Target
fb034abe26c258845c226a4d2c65d0266e0d74b6f6ef37c25a86a3acbbfdc353.bin
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent its removal.
-