Analysis
max time kernel: 4134128s
max time network: 616s
platform: android_x64
resource: android-x64-arm64-20230831-en
resource tags: android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20230831-en locale:en-us os:android-11-x64 system
submitted: 03-10-2023 16:30
General
Target: client.apk
Size: 750KB
MD5: 6ab55ca85732bd709fb66c305562117f
SHA1: b316564fae8e52eee8cc3b688196842272b4cfee
SHA256: 625a0157c3eeb1413a370733abfcfe3cf94230ba4545bc013627817825851346
SHA512: c207d5ae71ec57454c37cf123792e47ef8923ab65e3a8bc3133e026af7aa258caad76dd06fd48335795828ab3701d8780794394df04125ee8515d3fe4c08147b
SSDEEP: 12288:Ttpa1a8LreWURVSW67D1TN5WmpYshXZPbGwidNpgTon:Ttpa1a2eWURT67D1TN5WmD9idNpnn
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
  Processes: cmf0.c3b5bm90zq.patch
    description: Framework service call
    ioc: android.content.pm.IPackageManager.getInstalledApplications
    process: cmf0.c3b5bm90zq.patch
Removes its main activity from the application launcher
  Processes: cmf0.c3b5bm90zq.patch
    pid: 4535
    process: cmf0.c3b5bm90zq.patch
Requests enabling of the accessibility settings. 1 IoCs
  Processes: cmf0.c3b5bm90zq.patch
    description: Intent action
    ioc: android.settings.ACCESSIBILITY_SETTINGS
    process: cmf0.c3b5bm90zq.patch
Tries to add a device administrator. 1 IoCs
  Processes: cmf0.c3b5bm90zq.patch
    description: Intent action
    ioc: android.app.action.ADD_DEVICE_ADMIN
    process: cmf0.c3b5bm90zq.patch
Processes
cmf0.c3b5bm90zq.patch
  - Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  - Removes its main activity from the application launcher
  - Requests enabling of the accessibility settings.
  - Tries to add a device administrator.
  su (child of cmf0.c3b5bm90zq.patch)
  su (child of cmf0.c3b5bm90zq.patch)
  su (child of cmf0.c3b5bm90zq.patch)
Network
MITRE ATT&CK Matrix
Downloads
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 76B
  MD5: 33f5a289a9ed12247966d25499962c83
  SHA1: abfe4ea47cc12b67b19ffb7a86ee39ece22a6dce
  SHA256: 750d5becfb1f8d642bb492c9ab71820b1e0246bbdf60e00a825aba6b07c9e13d
  SHA512: 4ab5df47165fb4c2f0e58561b0c598fbd45ccd1d43aeaf510965bf4107564d56be8b41ebc8ff53fecc2f68165ec4a4cec7ec728badbba32f607aeb6701592268
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 600B
  MD5: 53d82f9094daa62bde22dfdd7fb0f70d
  SHA1: 37edcde19fb0b0f0e6e8524c1daf9ddf2f3dc4bf
  SHA256: e183d93eef6d722c93013060f129fd5f9fa7a7d063664d3e04274dc2650625e9
  SHA512: 972bcd474e5acb2a3623946e78b0dcf17d0f725368eea16838ec4f23b69b1c2e294ac7ac17702e76a433e5d5a7533266c1aa48523cf9faca10f1683995e82f8a
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 76B
  MD5: 33f5a289a9ed12247966d25499962c83
  SHA1: abfe4ea47cc12b67b19ffb7a86ee39ece22a6dce
  SHA256: 750d5becfb1f8d642bb492c9ab71820b1e0246bbdf60e00a825aba6b07c9e13d
  SHA512: 4ab5df47165fb4c2f0e58561b0c598fbd45ccd1d43aeaf510965bf4107564d56be8b41ebc8ff53fecc2f68165ec4a4cec7ec728badbba32f607aeb6701592268
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 78B
  MD5: 98b4ced8a0dacb2ecfd69e8f4f136a41
  SHA1: d9d20d1da6196617df6c4a80f6c6e9391e867eed
  SHA256: 6132342d9546bf1e302b63857199be37933b6c3dc123f8e4192f7ad30a8b3503
  SHA512: 3057bc57268291f42300e5b1a3de1d135f8eff3a71a1e02c2f624aea3036b5fc949a6626a9664cb1b41a30a48df64e6d9d733d727bdb65168077b9673f7f5b84
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 1KB
  MD5: fe2a8387e438c8b19cd1f2b4aa7c66bb
  SHA1: 5ee82061f3943553aec8edeb95c35df9ed8fd570
  SHA256: bec4a6313d019dbc24475405b5fae64afe489784279e3184927cd97d0a247cc2
  SHA512: 6190bfb577ffc3e819efb2ea1c0d89d36e9c72dc8d4e4b6c29ec9454e5f28a903d91b04456d8bfaffedd267a0ff1d7a2dcb99d85cae7803d7f6a6e7897a4544b
/storage/emulated/0/Google Services/config03-10-2023.log
  Filesize: 1KB
  MD5: 5fc2b14a0e40914654a7a8e94c974cfc
  SHA1: 96a6b34d1c3a953c98ef9a733e68fc04326711f9
  SHA256: 1a8a9905d41a282c70bc25a7c7e89cfb93d205e917247398df487622c248a843
  SHA512: b78e582d77e1ba6e83af191da092cd5933af0200a3918fc8c343bebe8e8787691398689bcc28613793cf70461c52b6961d977794090e152d0acc9190fda61e4f