Analysis
max time kernel: 150s
max time network: 158s
platform: android_x86
resource: android-x86-arm-20231215-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
submitted: 25-01-2024 22:04
Behavioral task: behavioral1
Sample: 716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource: android-x86-arm-20231215-en
Behavioral task: behavioral2
Sample: 716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource: android-x64-20231215-en
Behavioral task: behavioral3
Sample: 716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource: android-x64-arm64-20231215-en
General
Target: 716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Size: 4.9MB
MD5: 1982643596b660f74346e7132a500cf4
SHA1: 0beac20aa4201b349a1a23063ce5830ec17a34fd
SHA256: 716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1
SHA512: 8a9fb3a2e1c4ee71224c541d1e51f0bf6297b8e92009b591c60c01fc17eae024575b9299b7e07e723005e0dc3da236cc4d1d0350b9bdf3132415cea6dc19f07e
SSDEEP: 98304:hn146so8kEN6OgefRhS31k4K3madOU1p5iINBVDsC76mCpFP3kusnio/:F14wV9aphS31kX3//1p5iIFQBmCzMV
Signatures
Makes use of the framework's Accessibility service (3 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: acibea.dgaehb.igeaac
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | acibea.dgaehb.igeaac
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | acibea.dgaehb.igeaac
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | acibea.dgaehb.igeaac
Acquires the wake lock (1 IoC)
Processes: acibea.dgaehb.igeaac
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | acibea.dgaehb.igeaac
Requests disabling of battery optimizations (often used to enable hiding in the background). (1 IoC)
Processes: acibea.dgaehb.igeaac
description | ioc | process
Intent action | android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | acibea.dgaehb.igeaac
Downloads
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 13B
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 17B
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 37B