General
-
Target
ZIWECP.apk
-
Size
2.0MB
-
Sample
250219-m1drlszjes
-
MD5
82e7f559c59fa39eff037680c8d314d6
-
SHA1
89a557906dffeb35922ff99766940cc32b8cacce
-
SHA256
f63a01ba9728d0c9654d5133e3e461634fda8f0bbb9aef46f472f1c5cc6b701b
-
SHA512
a3ebec2d3d6e7c72dc8b49858ecf7f351fa28ab28ab64a9c0dc2b83dfd7ba7c54c0c637476fa2b7e162b645874cbf536130ca1075728feda45e9d83ef39f73da
-
SSDEEP
49152:BgNw0/vTIyxF5Xx0eABDegmhcw++f5bQWdD0CVTplPhk:BH0/75xrupe/Kw++f5ZdD0iPhk
Malware Config
Targets
-
-
Target
ZIWECP.apk
-
Size
2.0MB
-
MD5
82e7f559c59fa39eff037680c8d314d6
-
SHA1
89a557906dffeb35922ff99766940cc32b8cacce
-
SHA256
f63a01ba9728d0c9654d5133e3e461634fda8f0bbb9aef46f472f1c5cc6b701b
-
SHA512
a3ebec2d3d6e7c72dc8b49858ecf7f351fa28ab28ab64a9c0dc2b83dfd7ba7c54c0c637476fa2b7e162b645874cbf536130ca1075728feda45e9d83ef39f73da
-
SSDEEP
49152:BgNw0/vTIyxF5Xx0eABDegmhcw++f5bQWdD0CVTplPhk:BH0/75xrupe/Kw++f5ZdD0iPhk
Score8/10-
Removes its main activity from the application launcher
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-