8cb941658ed8340b67a38a47162ab8850b89a14eee2899f0761fadd4f648fd5e

Analysis

max time kernel
534076s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20230831-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20230831-enlocale:en-usos:android-11-x64system
submitted
11-10-2023 10:44

Target

anubis.apk
Size

213KB
MD5

ba7b1ba0830e11da60dec1c90632515d
SHA1

b0a38160d78f9d0799c646d9f21ab65afb917202
SHA256

8cb941658ed8340b67a38a47162ab8850b89a14eee2899f0761fadd4f648fd5e
SHA512

b53be16ce325c094dd6c1188605b8abc1fbb7c085a4cacd9f9649d9fd4143e70ae9c49a718747f46860e0c3899704a8bd379c104107ad565fa6df980ba00d420
SSDEEP

3072:daC6U6a1PPE/387RpOnzy3fmhbGluwXK6boURb0gqJo0DK0z5StS:sB9a1PgMOnzhxGlZjb0n9DK00I

Score

8^/10

Makes use of the framework's Accessibility service. 2 IoCs

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	wocwvy.czyxoxmbauu.slsa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	wocwvy.czyxoxmbauu.slsa

Removes its main activity from the application launcher 1 IoCs

pid	Process
4551	wocwvy.czyxoxmbauu.slsa

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	wocwvy.czyxoxmbauu.slsa

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	wocwvy.czyxoxmbauu.slsa

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	wocwvy.czyxoxmbauu.slsa

Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	wocwvy.czyxoxmbauu.slsa