General
-
Target
Blockchain.apk
-
Size
4.4MB
-
Sample
250105-vfahfszmew
-
MD5
9a46a0d703614dc8095f1ac4a8daf0a1
-
SHA1
7edf90b165a30a0c517de42af4d973a5ae2d5895
-
SHA256
076195b4ca88c7619a2a316d49b96a1a7b51177e96255e511b528d7e1e82b75a
-
SHA512
b4528377fd96f2579652256103b5d1c675240b0f1363e7cec14bb4bf2532dfa666f3c5ad720be60cdbd68aa12ab822c291a20ca01ba5e08e612edd9db757f1da
-
SSDEEP
98304:xY0ZuPZte9Wc46I7C0WALdJONVpyC2umzHzBBT90tkYeFH9:O0qtecc46cEHb2pzny/s
Malware Config
Targets
-
-
Target
Blockchain.apk
-
Size
4.4MB
-
MD5
9a46a0d703614dc8095f1ac4a8daf0a1
-
SHA1
7edf90b165a30a0c517de42af4d973a5ae2d5895
-
SHA256
076195b4ca88c7619a2a316d49b96a1a7b51177e96255e511b528d7e1e82b75a
-
SHA512
b4528377fd96f2579652256103b5d1c675240b0f1363e7cec14bb4bf2532dfa666f3c5ad720be60cdbd68aa12ab822c291a20ca01ba5e08e612edd9db757f1da
-
SSDEEP
98304:xY0ZuPZte9Wc46I7C0WALdJONVpyC2umzHzBBT90tkYeFH9:O0qtecc46cEHb2pzny/s
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-