General
-
Target
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f.bin
-
Size
4.3MB
-
Sample
250328-1y6lhatnz2
-
MD5
7cd8ba8e2d1beae38107e76520db0d25
-
SHA1
8865f2044d7af855dcd16cc6541ca9e53b02cef2
-
SHA256
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f
-
SHA512
51d8151d420ac03599e0beb27cd4910c9b91c5ceb696157c73374b65cc4504e8a6e99b01689b201fd5921f0854979a76839fc94a4c14922a6913d3afc705495a
-
SSDEEP
98304:vrUQN3Az6oX2mUuqa1x6nKLrrRxTRMSujqKQ9+9uki3zl7HhXtU:vrltAz6M2m5xAUrrRxCSqqWgki3j2
Static task
static1
Behavioral task
behavioral1
Sample
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
c22ccebcb94895dfc31120dede226ce5835243c7b6bed7c6738bc2ebfeb0bd2f.bin
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the SMS messages.
-
Reads the content of the call log.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Discovery
Software Discovery (1)
Security Software Discovery (1)
System Network Configuration Discovery (3)