Analysis
- max time kernel: 107687s
- max time network: 159s
- platform: android_x86
- resource: android-x86-arm-20230621-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20230621-en, locale:en-us, os:android-9-x86, system
- submitted: 29-06-2023 09:07
- Static task static1
- Behavioral task behavioral1: sample chinhphu0629.apk, resource android-x86-arm-20230621-en
- Behavioral task behavioral2: sample chinhphu0629.apk, resource android-x64-20230621-en
- Behavioral task behavioral3: sample index.html, resource win7-20230621-en
- Behavioral task behavioral4: sample index.html, resource win10v2004-20230621-en
- Behavioral task behavioral5: sample l762f62c5_a32.so, resource debian9-armhf-20221125-en
- Behavioral task behavioral6: sample l762f62c5_a64.so, resource ubuntu1804-amd64-20230621-en
- Behavioral task behavioral7: sample l762f62c5_a64.so, resource debian9-armhf-en-20211208
- Behavioral task behavioral8: sample l762f62c5_a64.so, resource debian9-mipsbe-20221111-en
- Behavioral task behavioral9: sample l762f62c5_a64.so, resource debian9-mipsel-20221125-en
- Behavioral task behavioral10: sample l762f62c5_x64.so, resource ubuntu1804-amd64-en-20211208
- Behavioral task behavioral11: sample l762f62c5_x86.so, resource ubuntu1804-amd64-20230621-en
- Behavioral task behavioral12: sample mask1.html, resource win7-20230621-en
- Behavioral task behavioral13: sample mask1.html, resource win10v2004-20230621-en
General
- Target: chinhphu0629.apk
- Size: 7.7MB
- MD5: 7aac62728f4a58575f76141675d9c3d1
- SHA1: 6c7b71632e495cc74bec7630078e5aae0e6c169a
- SHA256: f6aaeed90d51f1d3c270c9b9ca9f0df89f6af484cf657b2edc1d2f4262820a2c
- SHA512: a57f5efb452a0f90ef0318dff65b07420d1601e3265895b40438e445c82c10204317d77ea3a2d302961ba879fec0f0a0b8bb16ebbfeab394cae561717bd25959
- SSDEEP: 196608:r1BG/6TsXbAUTvfOj/gnO28+UUV4HKmqKiPC:R0eS/fOOdUU8oPC
Malware Config
Signatures
- Makes use of the framework's Accessibility service. 1 IoCs
  Process: com.ac.apck; description: Framework service call; ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
  Process: com.ac.apck; description: Framework service call; ioc: android.content.pm.IPackageManager.getInstalledApplications
- Acquires the wake lock. 1 IoCs
  Process: com.ac.apck; description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock
- Requests enabling of the accessibility settings. 1 IoCs
  Process: com.ac.apck; description: Intent action; ioc: android.settings.ACCESSIBILITY_SETTINGS
- Reads information about phone network operator.
- Removes a system notification. 1 IoCs
  Process: com.ac.apck; description: Framework service call; ioc: android.app.INotificationManager.cancelNotificationWithTag
- Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  Process: com.ac.apck; description: Framework API call; ioc: javax.crypto.Cipher.doFinal
Processes
- com.ac.apck (PID 4164)
  - Makes use of the framework's Accessibility service.
  - Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  - Acquires the wake lock.
  - Requests enabling of the accessibility settings.
  - Removes a system notification.
  - Uses Crypto APIs (Might try to encrypt user data).
- com.ac.apck:p1 (PID 4209)
- com.ac.apck:p2 (PID 4255)
- com.ac.apck:p3 (PID 4339)
- com.ac.apck:s3 (PID 4423)
- com.ac.apck:s2 (PID 4398)
- com.ac.apck:s1 (PID 4371)
- com.ac.apck:r1 (PID 4479)
- com.ac.apck:r2 (PID 4571)
- com.ac.apck:r3 (PID 4624)
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 20B
  MD5: 93027d42b314432c4216e6cfca48b384
  SHA1: 43448dd8102979c3926828182579691945eedd4e
  SHA256: 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c
  SHA512: a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e
- Filesize: 48B
  MD5: bb2bdb77268fd450190f441071f46ed7
  SHA1: b13fa6785a3b39c36afae549150cb7c3b2a6cf37
  SHA256: 5752b9af8c5609368ed430a061653c766c5e0ab3bcdfdd457a26b14fdc8bd6e6
  SHA512: a8191a20c89268c0a8670b2a3b4f3ba83c56845f35255a7116037833d61850d650bb81cfb5542f629135e8cd70e036b2270a66f9bca6bcaffb498d119a404b93
- Filesize: 104KB
  MD5: dc79f9ce5f3ab5270b33e61119dfc959
  SHA1: 1844bf222a5144b513dcf2fb50a18c011701c647
  SHA256: 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65
  SHA512: 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e
- Filesize: 1KB
  MD5: 722f2afed128434626bf421523ae07f6
  SHA1: d8ec533e1a0bfa8ebfcb910ac38931ba9bc52d2d
  SHA256: 63a2c4bb77d2f24cf64cf9965692fd11e47ed4359d1a71aa1bf0fece6acb6d61
  SHA512: f2fd1f6d46b0f10bf469a4522697730838d31111924f6da764e73674fc59fa98e827cbe2e1c5890df1370abd8c30d6e3555f53e43156038067ddf7826ff7150c
- MD5: d41d8cd98f00b204e9800998ecf8427e
  SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
- Filesize: 36B
  MD5: 5c38802313b64f2744c014cc3372be84
  SHA1: 8ee93f74cde90a67d49b2f9ae6fb2d38b646208c
  SHA256: 20da59ca0abb1c408d3ab9aa3f09afacd50e1ade51f2857a19abf0c4af690b79
  SHA512: e28a43265d12841cbb22902be9e0de53437707001f840b70501839f83efdfc54f1bc5d247f918317372f6b76b7f20fb25239dc829106c527bf11031fb88fdae8
- MD5: d41d8cd98f00b204e9800998ecf8427e
  SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
- MD5: d41d8cd98f00b204e9800998ecf8427e
  SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
- MD5: d41d8cd98f00b204e9800998ecf8427e
  SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
- MD5: d41d8cd98f00b204e9800998ecf8427e
  SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
  SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  SHA512: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
- Filesize: 127B
  MD5: 21223e9184445fe043476484cd8cb1f9
  SHA1: 2b4813f849121d60ba35eb0889080668bb62c778
  SHA256: bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af
  SHA512: be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48