825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49

Analysis

max time kernel
2340656s
max time network
155s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
20-12-2023 04:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49.apk
Size

31.5MB
MD5

6b2d8b82efb9990b4d5e2687e4cad11d
SHA1

dab7a69bcbfcf5b92d7ab700eaa7abe7df84c32c
SHA256

825bcade5a6323c5d81b11a572e51232a0ddb205107c2edeb5d42bf94f231f49
SHA512

7a340fc116428539c8d9201084f80bd39f6eaf3d2e0cd50db808b285c204ac2739c2802a97fcc4cea74a025cc2840d09178b07d5ab71b4fe52c3af8e1dc896c9
SSDEEP

393216:rIqCN0Teu1aj+s3FNgIuM9zhLfHIF1dXpYxYt:MqCyTV1TsFitMhZoXT

Score

8^/10

evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.screensh.control

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.screensh.control

Checks the presence of a debugger
evasion

com.screensh.control
1⤵
- Makes use of the framework's Accessibility service
- Requests enabling of the accessibility settings.
PID:4288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.screensh.control/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
571112758fefc013ca64f73bc959a009

SHA1
64b3e995d49a74c647cb467f54fc72c28c5af3bf

SHA256
632907b2357e6d3e99c86012795c6a2eebd1e8c1ee0a64c64878c5c1201413a2

SHA512
ce75b2bf73c4fd98b5391cf39610260fc90a91a7e85388c6074fe7b21f8b54eb88a0d0ce83a3403b496bcaf885deceab36daaae18976dc1f18fa4dd0605e2e34

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
3ef2e26f7836b9a8a714d3f30ecc1b55

SHA1
98a1c2dd9edc6078565f6bf9bf514e276ecc7a54

SHA256
a12b58aca25ac0d8b05801eab348f7625f046d575496cca637776888180d74e7

SHA512
f59303cf28a35748dd46c7731b2b674d6a49d83496fdbf7f9ed9bcc336a00d9a9f4a0427549a8903812adbfff055367e924eaacc0df7639c409fb41797a756e2

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-journal

Filesize
28KB

MD5
807292ce8af4dfe1f848f19e3f6c36e0

SHA1
456e6376116483182723d0229107c87d6b7f4def

SHA256
e11dbf1b1249ea7296ceadafa78a33e3d6a7d8a2eda09a5beecbdc34e18f5d52

SHA512
0c2d4e72a5eb3d1ab2c7a3dfdc87ff36c78f59c233aeaf319b1f1b4ab8358489c2f382b7db065bb19177070549fc8b8b6793b0d0632702624fcc5b829779784f

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
8d528e7ad6a7e84fec4390f5bf622f59

SHA1
4ec4b9dd2c325991f793ce915b27b2203acf239d

SHA256
d1ff04be8cf82fe3351352b010bbf1e56d2c7d447078ca1ec2a0949ee1ed7e53

SHA512
1a65c2d0625728ce5405a1b43af81a39da07735ce2cabab92783919d4b461429fddf3bac5aa660081eb657a89257526c9388e8eba9b785162580a767ae0e8eae

Download Submit
/data/data/com.screensh.control/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8c77f1b38dadac5486c4ee8fbe2ff8e4

SHA1
51e4d288e3091d94d9b47ad1115cd09f85543558

SHA256
f6b67ec32bca92deb9aaaac013dced217eb54d2c94d2826ed02bee9be37fec9a

SHA512
bf2783c40057fb1d2c15febd7748b987f3141d5eb0d313e928674735b0d8c572c39d24e0e633cfdd886676f1598622ddbb087827fe6626933983877d143f7bcc

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887BeginSession.cls_temp

Filesize
75B

MD5
f2ed6e91961b628158d51d2d740b7987

SHA1
095107fa29764d5889aa2a621e6fef2616207a85

SHA256
b222bcfa91ba9dab83b909c319eed3b844a7914697eee7a5fd28f5f30ce274db

SHA512
cdc681b0aa77985a0e66df60e2f988ca13bab444d8f2faeefa31be6acced6bbc2c5ec23509a251f891cc1a814b352c833ba19a2732fdab882b16348eecfd8f8e

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887SessionApp.cls_temp

Filesize
70B

MD5
60411dfe7a8d5750e0f270e6f295b8ee

SHA1
a929641c5cb0425007c917e282ab9bc469999088

SHA256
086ac3f1e232eddb07b8f70ce504972cfa9473ec96524f6c902461d675794a47

SHA512
0ab9b569464cebeb3ba98a221fe3ff5c9b369edc2f968881e6b6e8332d056159b3015921426efe6397aaf1505be11218109ff165e23231a907761fd4556fb322

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887SessionCrash.cls_temp

Filesize
12KB

MD5
fc1c971f4d78ed2e3189bd253dc12075

SHA1
ac1c4bc229879d444a10e1327815c989ebc27549

SHA256
6ca9e9f041355f084021c268356be1c5e9dcbda2bee96e6bfd2db7bebc55ff59

SHA512
909fb58cb89f0f536af7a6f7b71c680cb8e41596cdfc3908b943dd5a67b89b635d56c233800957d42da36d582011f4d8a67142b036ab89490177be6fb669d9ac

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887SessionDevice.cls_temp

Filesize
48B

MD5
565c6ee401c88ff45333d76d9a45b41e

SHA1
66d1d4970e2504ca80eeb12108deaee208d7beb5

SHA256
74d24661d5bbd395690ee059fb9886184ae12d3ac9306b805c0a106c9ba97ca1

SHA512
79430461bfe8d08f8f92882daaf59251a7ba36dd47c2020bc8b471b7d07170aba1da9de935a8074c38a1aacc7fa898bda74814365be1a4c570bb88dd37ca3d6a

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887SessionOS.cls_temp

Filesize
15B

MD5
f8b3ebea29c91d82f009e5a9c6d11060

SHA1
99d88c4b39d9143084e777b93d9692a59a3d087d

SHA256
b7869422f5dcf3f24ae91560cec05ebb39852ed45baf3a31176f9b90de87aafe

SHA512
6f89bfe6bc1c0a68bca73ef92c53e1a308fd63f2228a25a6e34d117fc5cd253209eed56fe08f51d5643343a152acfdbfbb1c5dcea224e2750aed46074af369de

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F83401D6-0001-10C0-2F8ADD0CB887SessionUser.cls_temp

Filesize
4B

MD5
3ed7a02f7ecd29e9a0da73bbd02b94dc

SHA1
ac0e7b5b3976127f95e987bd1f27e504b343a305

SHA256
dd385bd6d860af19cb2c132d628e3d6872d7b89b3bd2d50f56253bfcb84c78ae

SHA512
115fde1208bce0530dea2a5ce627349653d304274582103eda80da3e254ac4c3963444af769ecbda4bc609d89b2816e6620c2eae88f7b3cf3c5e9de5491855a0

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/6583F8B90228-0002-10C0-2F8ADD0CB887BeginSession.cls_temp

Filesize
75B

MD5
8c2b12df086a8f65dca93b3a408305f1

SHA1
f4bd3a422e2c193f123fd627dfa2be58085ff03c

SHA256
7e2bdbfec8b704d5a41c193b7a4b2c6f8b7e9bc1cd69a4d0be80062e58a15771

SHA512
f0337f9276cb9520458e8d0d1a8e751668163f7fd7c32f59be738ece7f7368013db265173ce15a70c979bc94e1848bf147438610179a7c70e7dc85ee940cc155

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
711B

MD5
fa865f06cdf23daf2557d37590f946ab

SHA1
f64f5e648678d260b6d50e6e64d2ffcd139383a3

SHA256
5de972d8d5861c0dccc54ea4ada04ffff7d3f106642392c6405bace99e8c07c9

SHA512
c2af7aac899139852eeb078722bb0424f92afc533e0fa67605fefe9591c364056f3ab6c80a12d697e2268fd7b47a6390ca4aece77d582fb717c243fdb94e6bd3

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/fatal-sessions/6583F83401D6-0001-10C0-2F8ADD0CB887.cls

Filesize
30B

MD5
b1952d740e65a5a52bec99459311f362

SHA1
6d0f0e79520108005b3c3a5ca972ea5a0e201bfb

SHA256
9141a2633b9ed5d98595675f562a108c2659186b6f0d1450ecc4c8adf4d176c9

SHA512
d0ea68db55666b5f9c68b84352c846999155f48aff0817fde83f819995b88f3fd38814f207aa262dae663f9fa8023b3cd83aadc227da3d12c1f408219fd24626

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/fatal-sessions/6583F83401D6-0001-10C0-2F8ADD0CB887.cls_temp

Filesize
12KB

MD5
59c2e634feb884116d95fe03ac59ffb3

SHA1
c7cd2c785fb2de63695500b35e2990b1adf81ed2

SHA256
cfb0a2f0ca505aa70cea63543b766dec56e6b8f212a19782b381b65ea67d8b8c

SHA512
c0ccb11a519349dcc955833d5bcac9d71cb01776f2195fd34d1274570d830694223c31a31e905855765d8757e85e01c8d2b870c8169cb078828d1122940c0928

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/priority-reports/6583F83401D6000110C02F8ADD0CB887

Filesize
21KB

MD5
f5e3781f49638129c6df6c3361e9e1c1

SHA1
4547f5bc23e2d4078620a257df8b3e31c78f9127

SHA256
a7115cdd14ea86ac2c55fcfb455f76cb124bf5dbc904e0c995afd5b98d62ca1e

SHA512
24b80081303024f04fa5c46e05e5f925efd96047d4d4681ca1679267977c948b54c602e2eed2a1cc34417e0c6640903955acd3b2f5f98b4a0cacb2e9972eeb32

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/sessions/6583F83401D6000110C02F8ADD0CB887/event0000000000_

Filesize
20KB

MD5
d28751e3b02b97e5d6c4e9c297281232

SHA1
489a4646571ee6d6e998fa9ff2f32b25ab510bfd

SHA256
e20e66aa65d9cb2fc3a9afd5b83b56a6fd1b1ebfae6d1907db8f7f831e2a1122

SHA512
d44b833c1581ab22def53f3a2fc99e049b45663b638c214c70777a3e078ed2c5b489f874aca5c25a70780e1789fed3d732874245c39d9f4fc3370da0d6b7f14a

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/sessions/6583F83401D6000110C02F8ADD0CB887/report

Filesize
743B

MD5
30e5c132240d1eec51616a11cb793485

SHA1
4530cf73ddc8789086d96794fdb791c5736ed1ba

SHA256
a79a86f8b62ec6371a948c5cc3da27ece59217ed5b1f692c57c06c250f0e2c14

SHA512
ba7bfc39202b4d92665306d0859d6bf4a2f9b9694e2d222c81fedcc80c811019b9797b6d4e6ca2f5278ca51d2be44913e86a1f0d49f0fef09b2f995ef9575708

Download Submit
/data/data/com.screensh.control/files/.com.google.firebase.crashlytics/report-persistence/sessions/6583F8B90228000210C02F8ADD0CB887/report

Filesize
743B

MD5
e213f9c5e4f2e73ddf9578d8c75d3158

SHA1
896ff79dd7cb0615b09fa0cddff3fa21b3eb228b

SHA256
5b9adc6ec39e4108137490d7e9e522d6557af3cd040488f2ed617593d5b3076d

SHA512
e89e650099ec6a431c37399028bb1bda0dc478f6edcb8c464435f469d11ba9e48b0ea2942d4a2c93828bc29a97713405c322b70e94ede518925a534c48edfd9c

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
521B

MD5
4f30fd5edd5c3602c9c40ec2498922b7

SHA1
e16d460b04bd02d420e0e5dc860ffcfc21630a4d

SHA256
c6b412c91bc5fe83f7788164e02449c0c0d967baf6d7fdf5abaae8e2ee4c75f1

SHA512
bae7b4977a5c3379217bf1d4ac1dd20814cd9304c6e63dc8d4a51c1148128a3688d7eb199ee4c032fbe53368697d6e4377878ca5cabcb50bfcebe7521200962e

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
6fd8081bdd9aecb54d76628c5e367ec3

SHA1
37c94549744fc45e3391155785a228f55e2a3955

SHA256
fc7d4ae4bbf0155a40f621d3fb14ce2f4ded5fbd77046144f05f81906004c506

SHA512
d326d3d5c352803190fc44466f0a8ab405b005b45a39eef75e1fecf9f3acd3899c0970e4c3b23e5f18279afdd7c927ebe3cbddd3eab5284ca2765c054ae2edf4

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
8cb6f898c447d311a9b336b04f1f3d10

SHA1
05d197300c0a03b540183914374e3013ffd7dca6

SHA256
624b3eb5248556f01dbd4192ce621bc8afa8cc0c38a74b6c80eae430ca1ef401

SHA512
e330ae1b45e63c2c641654d2c4ce47be12e6ab7acb5f36eb6c1cb6e37c9dd43a5b7bd135085cb4dc9394e20a14c3070981d3445024b1022cc8e45d600d7c57fe

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
276B

MD5
e291fb4398cb18b1a0ff693f46b11b15

SHA1
587a5f797847db58adb009a2b8caa9fc51124866

SHA256
6a3b6ba315a025b1379a55359d71ec9cc9d1bbb0a93d2a0855381a61c76fe9ba

SHA512
8affd413d8e953ecd9292957b3dedf7fd7ae19054a1ed10285f8ae73e656153be8ae17a93678cee6fd19308d9e2019809c683d352db5905cd7d4ba6d7f23d8b2

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
277B

MD5
ed1b84984f2e44d00ca4e6e1d5ab16e5

SHA1
2f0fcf5820c1c8836e01aa0d38f17c040522bdbf

SHA256
41806efb5aac2c668d92abba938e4ae442c3b3df7d53cb6b5787d4ab30365c50

SHA512
d5c27d200b76758b028442d8dc71ac396eff39364102a9531c0af91b36f8e742e1051a230fe8529b3997b549338c6fe8e935d61148f8ae1bcd08a22c7537dcc3

Download Submit
/data/data/com.screensh.control/files/CloudQueue.log

Filesize
390B

MD5
518694cf3c5d11f2c6348d190596da73

SHA1
1afd5e2eaa1bb78b70811e22844a276240e78dc5

SHA256
7420015686097f63dca12252e8913faeb9cb7fe771a76e86f3e7f232179eed15

SHA512
4ff0a29ae493354ebcc78c51e747030b9fa95fbb5d3baf503e92a7d143b46d71f77a9117a0d311c7aefd8e9ffb663a1df740d12b1151d4652f165c3956138036

Download Submit
/data/data/com.screensh.control/files/PersistedInstallation3152054322428344705tmp

Filesize
566B

MD5
cde704bfed44c2ff0504f747d456b276

SHA1
58a21a84c16db824c3cfd2f34617c2b5bdb73422

SHA256
1e4a91fb7fbe92cb8d0b1dba93afdfb635d0e6ce8a908953dea32fba0d179550

SHA512
84c334a18a6c14ccaeacb66ca4a0c2d6d58d1058f49a02814a7fcfc595d270fb86e094d763b385f6e5882d320a90dde39b3f993c1ebc65a741c4e00722d57243

Download Submit
/data/data/com.screensh.control/files/PersistedInstallation7751451019812391034tmp

Filesize
90B

MD5
dae7d93f66d375393ad9f8a701be4c76

SHA1
f025a82ef29853221ceda5135d8a9df545d7b5e2

SHA256
9bebb8b04cea1204e50a59c1a27370200aa1463db8238c76f10760a918d2d576

SHA512
6fca45423d9870f5aa5302ef43383053b9d03c4e0094f22239e02e01eaf6acc43905ff52fc36aa3cd9b27b13f9ffa822f2897695406c11defa9d12fd58571b38

Download Submit
/data/data/com.screensh.control/files/config.json

Filesize
419B

MD5
e0c937be1c5659a7fb5e99c0a896b8cb

SHA1
834e25a8486d39356386f2557bdd5de1a3a6cc46

SHA256
2cbb51a4ee1464fac5fe381aa198b6ca9f2c199ccfe09a19c23eee72ed8feab3

SHA512
78cefea592c119d6eb9493270642ca8a9dae052b2b7724878a92d9823f9a5a65660d12b30834a5cbc38b78e840c0d7c8d28db3ef401194dc830022a7add083b2

Download Submit