3ce06090bfc2e600798e29c6cbcd65e0d74de2da6a3231bbc64a4007673e34b0 | Triage

Analysis

max time kernel
1151652s
max time network
61s
platform
android_x64
resource
android-x64-20230831-en
resource tags

androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
submitted
18-10-2023 21:15

Sharing

Report Analysis Logs

General

Target

Final (1).apk
Size

193KB
MD5

2425a9fd00772a4505253f704112da4c
SHA1

09f78a89835db29354c839e05a8293e6537aa461
SHA256

3ce06090bfc2e600798e29c6cbcd65e0d74de2da6a3231bbc64a4007673e34b0
SHA512

1cb8324f89940feeb5f509cb434c6d55063e23879ca1946ba3e9de4a784c50e0ebe913f5bc609ee6e059b155e28acd24ee9ddaabfc247f4256c7b86bba85ad05
SSDEEP

3072:goTYbO3kmsENEpje0LI5ErXXQxNpxXBsHYa5raEnTxp3uZUCS/:dzSEq7Q7Rs4aVrTxp3uZhc

Score

8^/10

stealth trojan

Malware Config

Signatures

Makes use of the framework's Accessibility service. 1 IoCs

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	wocwvy.czyxoxmbauu.slsa

Removes its main activity from the application launcher 1 IoCs

pid	Process
5025	wocwvy.czyxoxmbauu.slsa

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	wocwvy.czyxoxmbauu.slsa

wocwvy.czyxoxmbauu.slsa
1⤵
- Makes use of the framework's Accessibility service.
- Removes its main activity from the application launcher
- Acquires the wake lock.
PID:5025

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads