ioc[.]one - OSINT Cyber Threat Intelligence Database

PixStealer: a new wave of Android banking Trojans abusing Accessibility Services - Check Point Research

Tags

country:	Brazil Israel Portugal
attack-pattern:	Data Credentials - T1589.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	a3ee2584-3862-4893-ab15-524420a7283e
Fingerprint	8d3559198d732c81
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 29, 2021, 9:54 a.m.
Added to db	Sept. 11, 2022, 12:46 p.m.
Last updated	Sept. 4, 2024, 3:22 a.m.
Headline	PixStealer: a new wave of Android banking Trojans abusing Accessibility Services
Title	PixStealer: a new wave of Android banking Trojans abusing Accessibility Services - Check Point Research
Detected Hints/Tags/Attributes	61/2/18

Source URLs

	Redirection	Url
Details	Source	https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	research.checkpoint.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	11		br.com
Details	Domain	2		com.nu
Details	Domain	3		br.com.bradesco.next
Details	Domain	4		com.santander.app
Details	Domain	5		br.com.uol.ps
Details	Domain	4		br.com.original.bank
Details	File	1		autobot.ace
Details	File	5		uol.ps
Details	md5	1		2ef536239b84195e099013cfda06d3dd
Details	md5	1		678212691ab75ea925633512d9e3b5f4
Details	md5	1		d74e8b32e9d704633bd69581a15f55de
Details	md5	1		38737771e1ddab60c062cd0be323e89b
Details	md5	1		5b3deb74ec783b05645b3fff5d56667d
Details	md5	1		64679e8af5f494db86fb7b7312e79ba9
Details	sha256	1		28e8170485bbee78e1a54aae6a955e64fe299978cbb908da60e8663c794fd195
Details	sha256	1		c0585b792c0a9b8ef99b2b31edb28c5dac23f0c9eb47a0b800de848a9ab4b06c
Details	sha256	1		8b4f064895f8fac9a5f25a900ff964828e481d5df2a2c2e08e17231138e3e902
Details	sha256	1		2990f396c120b33c492d02e771c9f1968239147acec13afc9f500acae271aa11