General
-
Target
d8452b39b1962239e9dbe12e8a9d8d0ee098b9c8de8a8d55b5a95b67b552102f.apk
-
Size
161KB
-
Sample
250327-m6wjlssrx9
-
MD5
de6ef70d8f9e0af2071a9ba1be902a37
-
SHA1
fb4bc1d9b1b6f1f22331dee8ba300d32b2563649
-
SHA256
d8452b39b1962239e9dbe12e8a9d8d0ee098b9c8de8a8d55b5a95b67b552102f
-
SHA512
a2cc63f788caa00678a6d90ac655b71ee28f8bb999239fe71475ce87a78180bffe4ae114b825d319995741b1bc005111ba8fa72d1d20686c9bb4baf169776879
-
SSDEEP
3072:SQZGjcHoU3QiCxEH14Xj4JKBLRP9cuTqUcanhXEcMYZ4JBpEFRrCVJnacL:SQZGjcOBQSj4CcuTqfanh9Z4TiFRrCHT
Malware Config
Targets
-
-
Target
d8452b39b1962239e9dbe12e8a9d8d0ee098b9c8de8a8d55b5a95b67b552102f.apk
-
Size
161KB
-
MD5
de6ef70d8f9e0af2071a9ba1be902a37
-
SHA1
fb4bc1d9b1b6f1f22331dee8ba300d32b2563649
-
SHA256
d8452b39b1962239e9dbe12e8a9d8d0ee098b9c8de8a8d55b5a95b67b552102f
-
SHA512
a2cc63f788caa00678a6d90ac655b71ee28f8bb999239fe71475ce87a78180bffe4ae114b825d319995741b1bc005111ba8fa72d1d20686c9bb4baf169776879
-
SSDEEP
3072:SQZGjcHoU3QiCxEH14Xj4JKBLRP9cuTqUcanhXEcMYZ4JBpEFRrCVJnacL:SQZGjcOBQSj4CcuTqfanh9Z4TiFRrCHT
Score8/10-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the SMS messages.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Tries to add a device administrator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Privilege Escalation
Abuse Elevation Control Mechanism
1Device Administrator Permissions
1