General
-
Target
latamAirLines.apk
-
Size
14.0MB
-
Sample
241209-h2wxcszrdw
-
MD5
c6f64da0660c72501398cb0f8b175eaf
-
SHA1
43b68ab63d87f57b358388e36bcb16b2c0ce375d
-
SHA256
06f2da8b2511866c6a7d555d89237cd7985135471e332f896578f65c718a2b57
-
SHA512
61e9eba8f20d387eba03d5ba6910f200e046a7dd688f8233097da01ddd32c90622731e670cae251a08496fd9557e0f1f2fe2b9bc8f83d7cd1b62f2eab173cf85
-
SSDEEP
393216:lO9cpJxXd8hKX90yE8W3HxiQ9y8QMSrga:lOOOhKX99csuIMSrL
Behavioral task
behavioral1
Sample
latamAirLines.apk
Resource
android-x86-arm-20240624-es
Malware Config
Targets
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-