90b820191cdb1cf5134df733c84c77fcb0586aecee9047698358b77b1669f938

Analysis

max time kernel
2431814s
max time network
154s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
20-12-2023 07:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

90b820191cdb1cf5134df733c84c77fcb0586aecee9047698358b77b1669f938.apk
Size

668KB
MD5

0ca483ea9cc0b71c81dda633983ed859
SHA1

8785cc0e3278f13931ed5699e91f0b0e3b41b822
SHA256

90b820191cdb1cf5134df733c84c77fcb0586aecee9047698358b77b1669f938
SHA512

3603da95b27d7dc3eb20707c8e8e4acff339591878d4218e3f50b53171be16840f275f824ae01d147d6b420719670fed7323114b2688a9d3665056142641f8f5
SSDEEP

12288:MXhn2ubcTt+X0yv7BSjZ9PBAixs+C0kG+usT3cgtN0F4mB6Rq21agY1FM:en2uwCPvmt+HT3SF4mBGNnYg

Score

8^/10

stealth trojan

Malware Config

Signatures

Makes use of the framework's Accessibility service 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Processes:

splash.app.main

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	splash.app.main
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	splash.app.main

Removes its main activity from the application launcher 1 IoCs
stealth trojan

Processes:

splash.app.main

pid process

4919 splash.app.main

pid	process
4919	splash.app.main

splash.app.main
1⤵
- Makes use of the framework's Accessibility service
- Removes its main activity from the application launcher
PID:4919

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMg== .txt
Filesize
28B

MD5
c07fc13c1206fd0a1ab080c0137b2faf

SHA1
5c643ecdeb4f8c5e8341455885de2e02e4f45667

SHA256
a4b4042acda7df80f55da3f2911db5ad502cfd8eeca8dc4c16d8e954a13ee3a6

SHA512
6f268c93c1d18bd9b15fc40b971127b20ba0e022eb0bf330c8afb60c31716d657d893be2d8ecf4971cb4fde785e158c7444184b89fd526a5ce6c028dbe1ed880

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMg== .txt
Filesize
24B

MD5
19e9022a0237abfcb41de0da45b6cdc8

SHA1
cfcb8500f6e281eb42e54dbf472cc05fefdf55ac

SHA256
6a3ed19be60f504848d404f19e7c3dc35b0e2d623fab204e02d6aa93acc0c4c3

SHA512
bd02400d5f3f91054f1bf60ccc35457d6f3d83fccae18b3fbbe22b81c5fa86e430d2886685a6a7777c5714d25b16499be31ce86097e64d3b878c04d89dd2aec6

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMg== .txt
Filesize
40B

MD5
3a71cc46a72de9883a7b8fa8cbe34ca1

SHA1
ef1bbdb281e546b3628a1a845b4941db1ca9e4a3

SHA256
c06d9e99f6ee253432eadfdfac6008e211182c3770fd883fd0ff6e4e08a5e201

SHA512
f65df913a1f4ecb920de54fb6c30ec52368e3b61043f9e37656f364d420f97d3a816ef2b0c6d9e770521e3cf1818cf9c5d689482418278b3c967a4d57c9bdf07

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMg== .txt
Filesize
283B

MD5
0e13a5379d23c3bf695dba7481519b52

SHA1
9f402f8a78d241e19a01a6b3884701ad93edc613

SHA256
84bac1bce307be4a69684825f426abd1c10327f5c9f498c3b20f4e57e3f8d30b

SHA512
875e7a5ce397fabc0690e4309ad494b659038b34c0f6b8d6ccd17e30145fc6f3f506044a26fbc5762604ec094bc1f88533b3c262b6c9f12a46a976da0bb77e97

Download Submit