Resubmissions

18-04-2023 09:12

230418-k6hawacc9s 10

Analysis

  • max time kernel
    2477047s
  • max time network
    68s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20220823-en, locale:en-us, os:android-9-x86, system
  • submitted
    18-04-2023 09:12

General

  • Target
    ready.apk
  • Size
    700KB
  • MD5
    ca277ea4539a168b302d401c6403e992
  • SHA1
    e7d3b7fa1525ee5e6615535b2273c72af8c6fa36
  • SHA256
    f6da1a4e62ca28ee583ba3cbf536bdfc845e1d156ad1f97e634f65efb1555311
  • SHA512
    28bb36c4caceb13df01041041ef6f12c897721684a50f7e200799429c764b59671b7d43ce9aa7c0699a1cf7bafa7194ef52e602f7de6443f8a5e403c4979d300
  • SSDEEP
    12288:VTtRz2nglFDBnhTXafTxHs6EkbiIBl5Te1laVrusT3cgtN0FVU6Rq21ngjwtWDuA:VpA4xhTXaN5NBuEHT3SFVUGNg/ukv

Score
8/10

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Removes a system notification. 1 IoCs

Processes

  • com.expand.calcium (PID: 4112)
    • Makes use of the framework's Accessibility service.
    • Requests enabling of the accessibility settings.
    • Removes a system notification.

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.expand.calcium/app_webview/GPUCache/index
    Filesize: 20B
    MD5: 93027d42b314432c4216e6cfca48b384
    SHA1: 43448dd8102979c3926828182579691945eedd4e
    SHA256: 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c
    SHA512: a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

  • /data/user/0/com.expand.calcium/app_webview/GPUCache/index-dir/temp-index
    Filesize: 48B
    MD5: 1542376edfa270b66fe387a25d933418
    SHA1: cad580717e2eb3d0fc956865f1bbcf5fe474fb47
    SHA256: dcc2b5d4f7612efabbfa2d6a7a99c47ab4683a13c4a3ba2d03b9d5c96e416ab6
    SHA512: 3792402e60e582848237fb017d592c6c92d7e805edf7ba8e1bc1bddec22e43e5ade84641b0c341b5c42afcd7654a47fd9bde173da8b8403e97eccf9c75e33b48

  • /data/user/0/com.expand.calcium/app_webview/GPUCache/index-dir/temp-index
    Filesize: 48B
    MD5: a6ce58ef4793eca996d7bb736d09df33
    SHA1: fff010dc5d744c63f87b44ab7f6c3ca542bbe322
    SHA256: 163c3fe1d05899d17a7cafaec42c5db0735c9f772ed3963f386c4d914008f8e5
    SHA512: 1aa356b51811e962fd9f077dc0995cc13684756c616012a39e3548cf5f7d2a54bef32e8e7ce7f89c20047ed2c9ed6fce30f130c8a0c236b855204b6f8bb36f03

  • /data/user/0/com.expand.calcium/app_webview/Web Data
    Filesize: 104KB
    MD5: dc79f9ce5f3ab5270b33e61119dfc959
    SHA1: 1844bf222a5144b513dcf2fb50a18c011701c647
    SHA256: 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65
    SHA512: 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

  • /data/user/0/com.expand.calcium/app_webview/Web Data-journal
    Filesize: 1KB
    MD5: 3a4c998d9aae3311f251767c5a6da428
    SHA1: 3efbdbbb9cef288cfb04ffc14748d25fe0a7f7df
    SHA256: e8a795d939980aa90a062fb5dbeb8cc123189672e67316782c30f234d800dfae
    SHA512: 98e0529b1e12748b92668271666f4a29f54246325f4d5d8a6c5754a8f703fdb74858975a8d241906dc1b7ca971ce47f3ae68e7c11b0bf3226f8538e4f2866752

  • /data/user/0/com.expand.calcium/app_webview/metrics_guid
    Filesize: 36B
    MD5: 1ab5033e91056b5dde02f3cd1e745e41
    SHA1: 88ef5953de54eae9ee2611f834eda224ce73c99c
    SHA256: d100f4a45155dd477733c7fb9367fb9a13ce12ab426aee5e62da1f819f67eae3
    SHA512: 61a5c91fdd14d80ca2500a19cc422522da1cfdc5a67ac3e0cae3e405f2a5601f0bce8f8f9f3e7b4f24d42bec210d31ea96ab9a7fc0bc59ca3d9dbcadca42be06

  • /data/user/0/com.expand.calcium/shared_prefs/AccessibilityPreference.xml
    Filesize: 122B
    MD5: baf6dffa71b075ee709f19a6a7f88ef5
    SHA1: 852beecf653915845acea21d65a330dc86e9355e
    SHA256: 606d80aada57d7d7e700369c048b6a675ac4df19cb8a0412d489fc229f2baa7b
    SHA512: 6fc92553e59d1f58c2c93dc264e1fd969b9a1d79e2dc1a4e1afea0a1c320aa6f67a71aac23e94ba08b5073e1f2bd35d80d412eefda32b4222aecacde2337d340

  • /data/user/0/com.expand.calcium/shared_prefs/WebViewChromiumPrefs.xml
    Filesize: 127B
    MD5: 21223e9184445fe043476484cd8cb1f9
    SHA1: 2b4813f849121d60ba35eb0889080668bb62c778
    SHA256: bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af
    SHA512: be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48