d6157f0e95d779e71313b68616c0b55330ab639d39e4e142e51ef1cd957fabd9

Resubmissions

06-12-2023 12:47

231206-pz878sdb7t 10

05-12-2023 11:01

231205-m4lavsah93 10

Analysis

max time kernel
1059912s
max time network
114s
platform
android_x64
resource
android-x64-20231023.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20231023.1-enlocale:en-usos:android-10-x64system
submitted
06-12-2023 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ready.apk
Size

8.6MB
MD5

63e1a96e44c538e64c4101b3efa06def
SHA1

a96e35c5c6a11cc74e29af2d2d52438868ab6021
SHA256

d6157f0e95d779e71313b68616c0b55330ab639d39e4e142e51ef1cd957fabd9
SHA512

b6cace864a2162a94c7229b7bffbe6fd4950f63f58f23978052ed1b96ca1395b8c578e0d4ff76ed877183f68a1fca72201c77a12d42ed429aed13fbf165498f2
SSDEEP

98304:wWekjTjdiEunideI1N2mzDzB4TG0tcsfCCB:wWjvFBzeNOCB

Score

8^/10

Malware Config

Signatures

Makes use of the framework's Accessibility service 3 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Processes:

diploma.situated.ceiling

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	diploma.situated.ceiling
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	diploma.situated.ceiling
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	diploma.situated.ceiling

Acquires the wake lock 1 IoCs

Processes:

diploma.situated.ceiling

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock diploma.situated.ceiling

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	diploma.situated.ceiling

diploma.situated.ceiling
1⤵
- Makes use of the framework's Accessibility service
- Acquires the wake lock
PID:5021

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Config/sys/apps/log/log-2023-12-06.txt
Filesize
53B

MD5
3bf7cf538ec7caa655b3867a6cef6af6

SHA1
ad8f260e8020a387bae89ff5c5697ee6d9626f28

SHA256
f59c01e7c2d80cfbf0258bde1a34c279c6482be670c0966cac098f5f66f844a9

SHA512
911ede096265f8feabcf0a76bffb502f95008992b82a2ef0605d47532e37634d6691d22c61ae962ca60bd4210e6e440099678d9f8f1c3b814d24f03bfa2deabc

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-06.txt
Filesize
57B

MD5
a9ec0c42a43c72d73c499e5c17ccbb8b

SHA1
731652fbfe61eac3fdb4b9d3e2eaa010848a0906

SHA256
6c5309ce3f31c9af3288b0de3305b7f5ddee97be60ca4ac1184f3c334480c05b

SHA512
5f8ed24a51f68cfa0627aceb9190d3a7febaee61bd5a89898ab113ddaa7ce2a41f129a28c4e200d5e5e4ddff7a483abc0393dc38e870782caf1c46d2ec0df2e3

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-06.txt
Filesize
33B

MD5
365f074d64faad2f0f0c7784608e5b57

SHA1
2105b80d01621cbd370bec93f73709a7b67d565b

SHA256
0c4662ed55fc03738e7903864ed0249c921b8f2d858531577eebd53501237cc4

SHA512
d29b5c16d10a78b386ba1f4882f7e80bc6d41887671abe6a36c746b015ea280d4a26f3d2af323b4ad755c256e5851a5b95d0bda8882c6c0a2c125bc748fab47a

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-06.txt
Filesize
33B

MD5
365f074d64faad2f0f0c7784608e5b57

SHA1
2105b80d01621cbd370bec93f73709a7b67d565b

SHA256
0c4662ed55fc03738e7903864ed0249c921b8f2d858531577eebd53501237cc4

SHA512
d29b5c16d10a78b386ba1f4882f7e80bc6d41887671abe6a36c746b015ea280d4a26f3d2af323b4ad755c256e5851a5b95d0bda8882c6c0a2c125bc748fab47a

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-06.txt
Filesize
576B

MD5
76285aa81733f8f56f6c96e990607bf5

SHA1
efc19230b07ee4cee8a546e8630f079519d7e57c

SHA256
41f7c48a725edd3433dc15926e091e5cd7d6e517246f22503c60ce6567d5ce99

SHA512
450d08520c5becad0889ba8c5c94b2524cf70d4f154884d0d128138312e9b0e954b77341f7b6f4e7e3a97955536699b368cc32017812036852629a1fdc3da696

Download Submit