General
-
Target
8774ba10a3725f07dba1b9f94a7a1fa07cc6517d6af8b3550863f5873b177cbc.bin
-
Size
3.2MB
-
Sample
241228-1w26astkbl
-
MD5
fe2f56e8b24a41b156279d422bebc50c
-
SHA1
f712d2bf523a1a5691c6fb71481fac78c87f8676
-
SHA256
8774ba10a3725f07dba1b9f94a7a1fa07cc6517d6af8b3550863f5873b177cbc
-
SHA512
a15b515e37c6d1727c78e19b07095d3adf31873758b3918f393207f048c3041cecf78b5a4364f55e49b4f39c32df42f67382b6bc117e8d9d376a9c575d4694c5
-
SSDEEP
49152:eCM9uH1DZHlB6Ctfsrke8ooXmzRzdGG8LTDwQTOO+URYq/0cg80LTDzDYM2ggmCq:e6H1DZHaCtjpmzRzBiDnTr0t8qD/YVq
Malware Config
Targets
-
-
Target
8774ba10a3725f07dba1b9f94a7a1fa07cc6517d6af8b3550863f5873b177cbc.bin
-
Size
3.2MB
-
MD5
fe2f56e8b24a41b156279d422bebc50c
-
SHA1
f712d2bf523a1a5691c6fb71481fac78c87f8676
-
SHA256
8774ba10a3725f07dba1b9f94a7a1fa07cc6517d6af8b3550863f5873b177cbc
-
SHA512
a15b515e37c6d1727c78e19b07095d3adf31873758b3918f393207f048c3041cecf78b5a4364f55e49b4f39c32df42f67382b6bc117e8d9d376a9c575d4694c5
-
SSDEEP
49152:eCM9uH1DZHlB6Ctfsrke8ooXmzRzdGG8LTDwQTOO+URYq/0cg80LTDzDYM2ggmCq:e6H1DZHaCtjpmzRzBiDnTr0t8qD/YVq
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1