Overview

overview

10

Static

static

10

tamo on pa.apk

android-9-x86

8

tamo on pa.apk

android-10-x64

8

tamo on pa.apk

android-11-x64

8

Analysis

  • max time kernel
    777892s
  • max time network
    157s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
  • submitted
    14-10-2023 00:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tamo on pa.apk

  • Size

    3.7MB

  • MD5

    11f3d45d0d7a7e04565fb533be5605f9

  • SHA1

    4e3cc84634735ed5d8373cb926c979af3b49e1a3

  • SHA256

    481c1de00a0afc5260feb41d0e5e46fb2020b93ac346462ce970321cbcbae886

  • SHA512

    fab2327e56e965f05235e6a8e999c093fd44268516e9e7c7efa9560eb3645c89877ce4a9923360cdb5e4449a1b766ff5e24816b99db49c5a585ba5d89cfc7491

  • SSDEEP

    49152:wnL+kxbDR3FRpkS7zNz4dPp0bXvT5AyWmznzdGGLQTOC3UfYqh0cg4Sr+ik8XBIZ:OL+kZ1FJzNBfjWmznzB8TK0t4S9X0

Score
8/10
bankerevasion

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
    banker
  • Acquires the wake lock. 1 IoCs
  • Removes a system notification. 1 IoCs
    evasion

Processes

  • create.generation.provision
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Removes a system notification.
    PID:5029

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads