General
-
Target
Blockchain.apk
-
Size
4.4MB
-
Sample
250120-13ryxasjbs
-
MD5
afbbf52a1be9a76bfb95dc4998bf2b89
-
SHA1
edb9dcc93d9eddffce37de455674af64cdb3ecd5
-
SHA256
2149d2a70bd47236a0ac2ead264a3950b64b06c1c0bbfdf5202b612e7af55479
-
SHA512
0f1f68d478ea237585d392d473c94f0ee959353f063da9acc238881d7181e76671ecb46984b01f2d9342e3f6cc3daa153f5d03048d7b506f12c774e85c9178c9
-
SSDEEP
98304:I2ZjJdEj9X4EwHhS7Q2iyDjh8mzfzBdTJ0t8XSsqt:IEjcjaEwHI823zfmQ6
Malware Config
Targets
-
-
Target
Blockchain.apk
-
Size
4.4MB
-
MD5
afbbf52a1be9a76bfb95dc4998bf2b89
-
SHA1
edb9dcc93d9eddffce37de455674af64cdb3ecd5
-
SHA256
2149d2a70bd47236a0ac2ead264a3950b64b06c1c0bbfdf5202b612e7af55479
-
SHA512
0f1f68d478ea237585d392d473c94f0ee959353f063da9acc238881d7181e76671ecb46984b01f2d9342e3f6cc3daa153f5d03048d7b506f12c774e85c9178c9
-
SSDEEP
98304:I2ZjJdEj9X4EwHhS7Q2iyDjh8mzfzBdTJ0t8XSsqt:IEjcjaEwHI823zfmQ6
Score7/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-