825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49

Analysis

max time kernel
2410789s
max time network
155s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 04:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49.apk
Size

31.5MB
MD5

6b2d8b82efb9990b4d5e2687e4cad11d
SHA1

dab7a69bcbfcf5b92d7ab700eaa7abe7df84c32c
SHA256

825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49
SHA512

7a340fc116428539c8d9201084f80bd39f6eaf3d2e0cd50db808b285c204ac2739c2802a97fcc4cea74a025cc2840d09178b07d5ab71b4fe52c3af8e1dc896c9
SSDEEP

393216:rIqCN0Teu1aj+s3FNgIuM9zhLfHIF1dXpYxYt:MqCyTV1TsFitMhZoXT

Score

8^/10

evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.screensh.control

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.screensh.control

Checks the presence of a debugger
evasion

com.screensh.control
1⤵
- Makes use of the framework's Accessibility service
- Requests enabling of the accessibility settings.
PID:4231

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.screensh.control/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e6b8f2fec8e33d5e0ab38add779a9795

SHA1
e32c6baf8d648782bbc231ff9aa6b8d1a08b4026

SHA256
65040053c49e4070e384818822753cc603eaa557d9a840eead919af0772746d2

SHA512
c45aa83c9617fd962d119589e2c650b4d2a37bf4c798e3e532e9d5e52919649b8f439654b0f80f2d27961b4af6034db141d87642e7474cd67e65c1fb6dfd48d3

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
03d9cf86f083ae67cd0a12724419df89

SHA1
a3e6a50312cbd0870887fe4bce6ad12b57bfea91

SHA256
ff94007b12a81bef2338e9e73aeb8829bf26b57bc254ec56ce8b15ed022596da

SHA512
7c63ce613788607ad6d2134fd9fb9159befff42b164de41fe3e97e14eb6212a7df67de48ba5e78dc246aff7e2baf50007da25c9e685763aa930e065a2193d56f

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/65850A210334-0001-1087-30FA55BAF334BeginSession.cls_temp

Filesize
75B

MD5
00fc3df1c48ed31492d7e47b193eb6fe

SHA1
26feff7fed1fb56b331da0a8ddee6e97da5d68a6

SHA256
7a6d2bd97718368013da9cebe3116250fef56edf6ed80e65c85ae5cb99228a51

SHA512
492b36578134be73a3b893e21fc7c3d7b61f1d603ab6f94396410208886490a64ada2c1f8e202e5f031c5e7fa1fdd7ad80b9731b0108af507b7c8e08e422670a

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/65850A210334-0001-1087-30FA55BAF334SessionApp.cls_temp

Filesize
70B

MD5
ec5a495e75e529549266d507966a9730

SHA1
bfd5f56f48f907fb6383bc8e9aeae46dbfe775b2

SHA256
64760184c9b3f5932aac9d4643793c149f18550875eaaf16fc057d5e036d3d57

SHA512
df68c41692dc3f06acd4950a851539eaa2d92f245ae3da1a8b83b05c9c33b499fe357574d3dc5e22ab37308d2f430b09ad1cc798e633a6569a0e889d02ebc1c3

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/65850A210334-0001-1087-30FA55BAF334SessionDevice.cls_temp

Filesize
48B

MD5
630aaf4621d940e95530e8a8b0d39283

SHA1
d06c5d18de58b6abb5890a83b6fb3c3aa4a2139e

SHA256
2f752007f6c33aaba282800edfe3d52da2ea954e3eceddf08efb0bfdc989cb93

SHA512
98c301f0188ced6036a863ba790e03ba22f88ec55a884fdf808711147228e97ee0571abad094ad68d758b2482db6ee3f2950d43d56c875bfeda7f0a58cd1a86a

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/65850A210334-0001-1087-30FA55BAF334SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/65850AAE0011-0002-1087-30FA55BAF334BeginSession.cls_temp

Filesize
75B

MD5
15db9abd1244df5997609df01a9818a5

SHA1
6a8cbf07f8688b43d294a9f4ff27c3f510bb802a

SHA256
1f73f95c4452baf4d0c1e00149f19d1c2ab551944bd2e07f79f41f8e9939853a

SHA512
95fced801d63f3a852405b9b6157d56c1fa4af227d154f5ba3a405a69cfc0adbe51cf03dd4ecf9e1386636be6d54a346f3a3e514eb7da0470b5450562a4515bd

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
711B

MD5
ba4fe4049a08a02843e806d62b95594a

SHA1
9883c88cd9986c01232a683a966be4ba7fee91b2

SHA256
1ba66fb0a80dfa64c64719b3ae1e59767debf8f550d6b95edd18a842d602f58c

SHA512
089ba8b22baf6c0b931c060a14c1270f9e8e4b987bcb5a1f7a514d3b92e1bc0423b481786f475a8dd6866aef52a296e190cc81dfa3253307c648174f31709f49

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/fatal-sessions/65850A210334-0001-1087-30FA55BAF334.cls

Filesize
30B

MD5
b1952d740e65a5a52bec99459311f362

SHA1
6d0f0e79520108005b3c3a5ca972ea5a0e201bfb

SHA256
9141a2633b9ed5d98595675f562a108c2659186b6f0d1450ecc4c8adf4d176c9

SHA512
d0ea68db55666b5f9c68b84352c846999155f48aff0817fde83f819995b88f3fd38814f207aa262dae663f9fa8023b3cd83aadc227da3d12c1f408219fd24626

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/fatal-sessions/65850A210334-0001-1087-30FA55BAF334.cls_temp

Filesize
14KB

MD5
556f4db052e6d1b9b941d7d12179d54b

SHA1
370eaf07483f9ec5dfed7c9c9aa414fff197989f

SHA256
abd73839a179b8da7b68a543db6bce2804822e9b3be57bf414ce84fe667e0491

SHA512
e28a69e959018380bdfac9f1d17b6d494ce9b62605996eb46b3f3aa90c499bdf64f9a94529a2739423e907a403de825cdc0a3d12dd5a29f0d86e01cbf93ee34a

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/priority-reports/65850A2103340001108730FA55BAF334

Filesize
22KB

MD5
cf3c67f4a22d7e95ecc5e1f163472877

SHA1
ed28e47c96fb493d6d223e7da2c907346ee73304

SHA256
8350e1ed0a8c3cbf16b181a17508a36d242a6c602c55132814449e018f316b27

SHA512
edf60484e1f64b528d512a70319db31329072dba1aa866417bffb9fe451fadee6a81fd80baf9dd2e2ce23a1317156c619bb14b5118fbc0d39fc8787c750fcb6f

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/sessions/65850A2103340001108730FA55BAF334/report

Filesize
741B

MD5
c42ebf3c23cdf2cb9ee711de2725f369

SHA1
2bf0f80f7b796f04e85eb9ceca297b0e04ccd796

SHA256
7b07819b30d56032393efbc3c84cd088a21d01bec0bbcd1688e7ca585358ed59

SHA512
06bdcd19675dee08141ecd8ede9de935fc4c0fd984ca6ec788a99b0d05473da30ccfd95f2654f51e06d3b3ae0db78943a8855109c8dbab6da2d0f32d3f34a994

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/sessions/65850AAE00110002108730FA55BAF334/report

Filesize
741B

MD5
971341c9fd245edbed398914027a015f

SHA1
16b5390f060026032a7a5fc3e9df1be85a715669

SHA256
7b96a21813ee199fe9ece9077323fa06a1674d2feb7228f48d71dc69f5e010d5

SHA512
59536443b4b2b6e8cb078d9664a257ae7879a2e8543a050438352aad3218dfa321b06017096186bf92ccbac45d3b5a61b6df9d3d11e943217d5a2379aacdd6d3

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
520B

MD5
f8626b1070026f3ffb200e243f490947

SHA1
a8beba09e6d77596ae10d8efc7d0c08729607752

SHA256
63415995d8132291635675396b67402dcdd7a5ac1e47de053a1b1e89dfe9fb55

SHA512
66fc29365da16d5ddd05af6405bd99ae52220160d266508da4b717c5b13dffafb93a06f9dc806ee58c40350111481a6c1d30369a360e7f200795a8a27e80486a

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
0f225847fb112c2f99be6c066bf324a0

SHA1
85820056af4993c20e9784f71bb274b5611ded92

SHA256
1d6f67e0ff160e8b74f87dde9b9592dcd31b063ef83489a1435aadb70790b06d

SHA512
0c277ec65397864ae14e63f5f93aee9bd1d0bd940938d25013bdd98e5d7b3beec26cfc0654f83e75cc92e06eb09dc59ae370115631272a604c580096da198cf8

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
b39fe1e70a09b5736f52981d54ee7886

SHA1
6df4c94ea21f85de4d26c16c7c9917cf761a1be1

SHA256
da21e903305ed311c768607a690e802d5601aeef9a37a63d16cc53efb3d941b5

SHA512
7aa6f86ebef2a2f792256b42681a10b8906a88813ae146f58ffef906e1aea9716a6abe031155068a525660737f2e7339b6c02626fb777a4bcf07a588967f8cc0

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
276B

MD5
40913de1e06f05c74becf0fc282646a1

SHA1
647de527faf0d4a2f18085f93cbe1ba48f892c8e

SHA256
44e3feb169fd64ada4537605e56f008ec2da148c059b5cc5ef68cad3f009ec1a

SHA512
98c6316f2fd0a1140ace516619ec76d31ee6f64a73ab959eb9f84181ef79830c0a13c18b9be79e9a9eb47909f11687b7539194f92e8b1ceae3aa9127748c5e4c

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
b07f618ea3b4b9ab0ba55103b00fda34

SHA1
c88ce31d3bc74202dc9c0ba5849a12ca4269e567

SHA256
a5d61dc7b2b88e783a067c453607ce17a56f721cedb4c34ac3585c17dd7d1692

SHA512
81027451b2f03f0b9718c58f8b7aa3bb17d5eec2b639f866c79debf08162f0bd9a9a3800e03f7dbfc48558957c164ed4ce15f7ab810e24f5b85db936672a3e23

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
390B

MD5
360a8633340960026a1a4005e79ac991

SHA1
2c9eb3090429bb775b5f67e964310ce657ce96fb

SHA256
d013061ac424db425d5be57bb7b170fcf6cbdcc957c6fd11d3353d489c9266b3

SHA512
2efec572b4ec9abfbf136159f7542b643203d94298b465951bf97ada7545422f44176a206c8d4265b33396a0746f86d9d3e3c0a19ddc9fa2f0f754145c8c7db9

Download Submit
/data/data/com.screensh.control/files/PersistedInstallation2535381343329164361tmp

Filesize
567B

MD5
5c3821365273ae9fcb6f8d1a9c4ba783

SHA1
ef48302ae9eeb6335a2137f3e5585218f1373ebd

SHA256
0f0099eb2dc6560b33390b206394cae78a08e717c16910157f76add479459405

SHA512
0d62210f307a1c7c092bafdb4d576185e7e1fc61f473faf2bb71eda395cb6750fc8409449d19759b95558ca911839ff63c5c191b2b87fd7d4c78e5ad403e8a0a

Download Submit
/data/data/com.screensh.control/files/PersistedInstallation4143665327642103262tmp

Filesize
90B

MD5
20b1ead47281405138ef0fcff7f6728f

SHA1
266678cc99f082ce00b3b4a753ca3b287cbe6bd7

SHA256
e2a4b60a05d3534b434e850734f0d3f71880f76f45bf48a812fd5a2750f7f50c

SHA512
408ce0e36fe8cc39dc5816b8a31a667f31093134663dee0f9882112811c3539d4a830b2abf53c91532e2c5eae94bd183f08f7500ee8dbd8172ce50721bfef588

Download Submit
/data/data/com.screensh.control/files/config.json

Filesize
419B

MD5
e0c937be1c5659a7fb5e99c0a896b8cb

SHA1
834e25a8486d39356386f2557bdd5de1a3a6cc46

SHA256
2cbb51a4ee1464fac5fe381aa198b6ca9f2c199ccfe09a19c23eee72ed8feab3

SHA512
78cefea592c119d6eb9493270642ca8a9dae052b2b7724878a92d9823f9a5a65660d12b30834a5cbc38b78e840c0d7c8d28db3ef401194dc830022a7add083b2

Download Submit