General
-
Target
Social Boost.apk
-
Size
4.8MB
-
Sample
250117-qh7thsypfv
-
MD5
1b0e950b5f55b9436c3088666a35a2e4
-
SHA1
1b531d38ef5148279eab605250bd1b8d9f3bef3f
-
SHA256
c86da19524361f624653785171e8aac3b030a8e709954cd8b9a5727010656265
-
SHA512
aec0fb07611e2a766406f8ab45606c92b99d87a939f86ff64959df54e74b0ff8dccb2e2e6efcf56ff03496c827c8b1d8ab44b376481f8bd923e42d65e88b39ba
-
SSDEEP
98304:L4PkaMaxyxCRyeWfpmzLzBfT90tgCiHlYt:L4MaZxmC0eQczpywm
Malware Config
Targets
-
-
Target
Social Boost.apk
-
Size
4.8MB
-
MD5
1b0e950b5f55b9436c3088666a35a2e4
-
SHA1
1b531d38ef5148279eab605250bd1b8d9f3bef3f
-
SHA256
c86da19524361f624653785171e8aac3b030a8e709954cd8b9a5727010656265
-
SHA512
aec0fb07611e2a766406f8ab45606c92b99d87a939f86ff64959df54e74b0ff8dccb2e2e6efcf56ff03496c827c8b1d8ab44b376481f8bd923e42d65e88b39ba
-
SSDEEP
98304:L4PkaMaxyxCRyeWfpmzLzBfT90tgCiHlYt:L4MaZxmC0eQczpywm
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-