Analysis

  • max time kernel
    2993011s
  • max time network
    155s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20220823-en, locale:en-us, os:android-9-x86, system
  • submitted
    24-04-2023 08:31

General

  • Target

    6f606bc5004af2b90b66d6e6e4f29f35a3b4a31dc6974b55434b3c53d70584a4.apk

  • Size

    5.2MB

  • MD5

    44e3c256cb0b2b93b76986983df71a8a

  • SHA1

    44fd2551bff74a252e1c17194e21dfad87c229c5

  • SHA256

    6f606bc5004af2b90b66d6e6e4f29f35a3b4a31dc6974b55434b3c53d70584a4

  • SHA512

    e76d0fdc87736b0d181f4bd3848519de460231ea254f7dc1c1868ae0924816aa91df8a508d018fa53753b8c153c8decb9b27346522f999a56d575e0dc55bbf15

  • SSDEEP

    6144:A6jNYUjUPJYSihkN4jiNjpeo0TKbOERQRWagj/yYlIbq5JDs56GE28R0luOe/2vK:VNYUj6yyCSUoMCQRWRTyYloG9R08OCkK

Score
8/10

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
  • Removes a system notification. 1 IoCs

Processes

  • com.employ.mb
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Removes a system notification.
    PID:4147

Network

MITRE ATT&CK Matrix


Downloads

  • /data/user/0/com.employ.mb/shared_prefs/com.employ.mb.xml

    Filesize

    146B

    MD5

    e0ae18ee51f8080061f538d00a4a2b1f

    SHA1

    b39e93a0da5a827e9154142070e5eb93eb2a6314

    SHA256

    cb60eb5f68387d91f47eecbf64f465400f1d0dfd29dca34c2f7835a381f2c1ee

    SHA512

    646b099795a1e9232a3548f78cd3e0025695f2cfd002cb9eae73c0ce14c64dc253ad3ceb7dd53e6289b38b5f556ed511c103e99c197c0685f80361aa0d97c96e