Analysis
max time kernel: 155s
max time network: 165s
platform: android_x64
resource: android-x64-arm64-20231215-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20231215-en, locale:en-us, os:android-11-x64, system
submitted: 25-01-2024 22:04
Behavioral task
behavioral1
Sample
716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1.apk
-
Size
4.9MB
-
MD5
1982643596b660f74346e7132a500cf4
-
SHA1
0beac20aa4201b349a1a23063ce5830ec17a34fd
-
SHA256
716f49cf535ca5d04b3011cb35b47db43657607f36ca7069327689d7212702e1
-
SHA512
8a9fb3a2e1c4ee71224c541d1e51f0bf6297b8e92009b591c60c01fc17eae024575b9299b7e07e723005e0dc3da236cc4d1d0350b9bdf3132415cea6dc19f07e
-
SSDEEP
98304:hn146so8kEN6OgefRhS31k4K3madOU1p5iINBVDsC76mCpFP3kusnio/:F14wV9aphS31kX3//1p5iIFQBmCzMV
Signatures
-
Makes use of the framework's Accessibility service (3 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: acibea.dgaehb.igeaac
Framework service call (ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId, process: acibea.dgaehb.igeaac)
Framework service call (ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText, process: acibea.dgaehb.igeaac)
Framework service call (ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId, process: acibea.dgaehb.igeaac)
-
Acquires the wake lock (1 IoC)
Processes: acibea.dgaehb.igeaac
Framework service call (ioc: android.os.IPowerManager.acquireWakeLock, process: acibea.dgaehb.igeaac)
-
Requests disabling of battery optimizations (often used to enable hiding in the background). (1 IoC)
Processes: acibea.dgaehb.igeaac
Intent action (ioc: android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS, process: acibea.dgaehb.igeaac)
Downloads
-
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 13B
-
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 17B
-
/storage/emulated/0/Config/sys/apps/log/log-2024-01-25.txt
Filesize: 37B