805bce32df90c1e05ec5d86137115f75e2ec8665e3f3098439acf9e33ff0ee42

Analysis

max time kernel
2340202s
max time network
161s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
20-12-2023 03:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

805bce32df90c1e05ec5d86137115f75e2ec8665e3f3098439acf9e33ff0ee42.apk
Size

145KB
MD5

657082dd0b1d7f36ef409b8fab26579b
SHA1

082af750a859714ce6d559f2a60aa40718436bb0
SHA256

805bce32df90c1e05ec5d86137115f75e2ec8665e3f3098439acf9e33ff0ee42
SHA512

29bfda1a9598abfd44fc8fa5d9c33e6fe2cf29761349f56d5156c3ab37a68815fc2e6e15bf186944b13a886616314ca32d9ea16f6cb6be15027ae74c1365b0df
SSDEEP

3072:RnDcEgy7IuX5xrtXxTOQC2OhS94/x5VTvkdEeKfZAiq:h9r7B5OhXJ5pAtgq

Score

8^/10

stealth trojan

Malware Config

Signatures

Makes use of the framework's Accessibility service 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr

Removes its main activity from the application launcher 1 IoCs

stealth trojan

pid	Process
4564	acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr

Reads information about phone network operator.

acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr
1⤵
- Makes use of the framework's Accessibility service
- Removes its main activity from the application launcher
- Requests enabling of the accessibility settings.
PID:4564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db

Filesize
12KB

MD5
f41f531c07d4141546a531ff9caffdcd

SHA1
9dcac5aed06972d0ff6bd4cc1f1cdff85b36d3f5

SHA256
bb8dee5b5c3779f175abbd142722eb0022b98d374783aa80145b34614a4de646

SHA512
e0c8d1a820cb4c098e45776e8b50ea8c83944ef2e3f005cb0acbfc07688974d370f78100ae022f62564fc4c12acfdc43b710c18ca1c30f4f575bc08b9b12d2d4

Download Submit
/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db

Filesize
16KB

MD5
3c46d0ea34ef50ba9cd9bce022ccb8b9

SHA1
2829d8c22ea3329034314955ec012bc58086748a

SHA256
497684b72f946ef09155d97397b1b09c0900d5fb3d0ea4f079054d9e5aa73966

SHA512
a7e5b60cd21ab17a9c93607ed4f164eaf8eb43e85731f46823174aac6ef6957bccaa3d6a3612f5fedd937e96c0beb4f1616bb04d62cfbc876d8a067ac8e24133

Download Submit
/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db-journal

Filesize
512B

MD5
1ad7c8bf61fa89def88238b4aacb4af9

SHA1
8745fa27ec2d4b1edbbef816dba63ad113d5ac62

SHA256
d4aee1a2a767a497b10017d13ecb986ad75f4cff2393e7091972161051b0dc5c

SHA512
deba8bbce6b49bb0c829667d19410eccda17864acd55810b8ad1fc8ca1de9248eee053ac060e04305ae8184de9a4902fe2b553ed1d0c8e471d23004bfdf1343b

Download Submit
/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db-journal

Filesize
8KB

MD5
7a19b16d5b9e4f183f7cdce3883eb627

SHA1
d0ec401ed93ae2a8622afa28e24da6cf58597e33

SHA256
4f36a047dced7e61b9fff4bf1bf271773b76d8bd5a27df423788a23a3b7654b5

SHA512
97040ceb7add41f97fcea15a7f175c7628dfcf5fbf9558f764235a9f6e16758379738ad5e0ae406005e86589c22ffb1fc938a66b30588c807cab8e188f8d3578

Download Submit
/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db-journal

Filesize
8KB

MD5
9f9567850cf714b5d6a7997cda2af75f

SHA1
342f5daa5093050cb0442a45b6587e4035922f56

SHA256
c2a2c30c66b9fb0647409098c5cee5926eff785d9d335a1752a0e639bd9e5502

SHA512
86b5e2814a85e8bada8a79413f13326e1f659d6fcd9421565236341f9697dadb2bb8920841ee58b4218c9bcb609ef488b19347e94f5c2b59119c5acb1a2a6fa7

Download Submit
/data/user/0/acy.avsihcujlhameorwdhctculvpsluuxuzyddwhqp.euppywigoielikpkfncxbiazulrdkzjdhgyjr/databases/init.db-journal

Filesize
8KB

MD5
3adbd04cfda48b0048a1ad2d41d44a34

SHA1
6ef1184bcf0cd738372cb43b6eb827858f5ba49d

SHA256
d817a8102bc1546453a1dffeb67faaf8207f1010e7f0cb3aa47131cfcea81635

SHA512
aa4d2c45356924464d0570dd8c7198ccec07e8e54b528b11ef5cda31004dcb82a95b0c2d2d98f18a2ef5867a28ab2b1a0e192b8acaec16de14faa4e7fe10cb2a

Download Submit