Analysis
max time kernel
2527622s
max time network
157s
platform
android_x64
resource
android-x64-20231215-en
resource tags
android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
submitted
20-12-2023 11:35
Behavioral task
behavioral1
Sample
ac0901c064a1a2af46cd8a63e68b57cb425189f7ab9d701012cbfb38f9dbc0e8.apk
Behavioral task
behavioral2
Sample
ac0901c064a1a2af46cd8a63e68b57cb425189f7ab9d701012cbfb38f9dbc0e8.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
ac0901c064a1a2af46cd8a63e68b57cb425189f7ab9d701012cbfb38f9dbc0e8.apk
Resource
android-x64-arm64-20231215-en
General
Target
ac0901c064a1a2af46cd8a63e68b57cb425189f7ab9d701012cbfb38f9dbc0e8.apk
Size
25.7MB
MD5
51784151519f7714f3e0c5111319f35d
SHA1
5c971466a44fed4ea9d0189c775102d6c6654b8e
SHA256
ac0901c064a1a2af46cd8a63e68b57cb425189f7ab9d701012cbfb38f9dbc0e8
SHA512
9995c7ef3cf2a3ab1bd4881848a5fee41c2b9db35acd9aef9b2e015c78453d83fa154b12d4c16e2f49ba4712869fc52814719daeda6f60fee6f7b8e03719f8bc
SSDEEP
393216:u+xO+EyDlkDkXRVLwLnBAS5kZL4XOaqjP13NNV89K5AI1SZG069RzDq:uR5yBkkR9ytqjN3PuaP1yuq
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
1 IoCs
Processes:
cmf0.c3b5bmkjh90zq.patchnp
description: Framework service call
ioc: android.content.pm.IPackageManager.getInstalledApplications
process: cmf0.c3b5bmkjh90zq.patchnp
Requests dangerous framework permissions
2 IoCs
Processes:
description: Allows an application to write to external storage.
ioc: android.permission.WRITE_EXTERNAL_STORAGE
description: Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.
ioc: android.permission.SYSTEM_ALERT_WINDOW
Processes
Network
MITRE ATT&CK Matrix
Downloads
/storage/emulated/0/signal/base.apk
Filesize
24.9MB
MD5
99967011c5a1b9fdf2ce407a5bcb651a
SHA1
8cc104c3b8bc96e5ac38c7a2fc73fef2bba07dc9
SHA256
82420d73102328abf9c725ef4b807795733eff1e3670f42e565aceb79708bc4b
SHA512
e73564b557644b018b077c1ddaf8275a2f5d3e1faa8cbe236a3dbe49316a48b03096f548929d79fd5e05188bb7f550a9fc28207f6dbeb0f8504388167c768970