478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6

Analysis

max time kernel
150s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
09-02-2024 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6.apk
Size

10.7MB
MD5

33f6f371f32b69b59cb949e0077511ed
SHA1

0c72cb9102071a9de16ede7701e567f8c64d7c2b
SHA256

478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6
SHA512

a92bfd80f1a4256ea2334a91e3fe35680dc83304a867c7319b963059ed6d525754cdbea8a73bb6a22df9cfcfaf47110c42959b77343742819a3daf0faae25880
SSDEEP

196608:zh+5cu64PQvuEa1VGq6kvBNsOf3wR8RlO+7gfZ+lBjBGYXUxhnOpfFDHOM:zCL7oxhqlwo3wMlOSW+lhkpheFDt

Score

8^/10

Malware Config

Signatures

Makes use of the framework's Accessibility service 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Processes:

com.e_mining.cloud_miner.e_miner

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.e_mining.cloud_miner.e_miner

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.e_mining.cloud_miner.e_miner

ioc	pid	process
/system_ext/framework/androidx.window.sidecar.jar	4486	com.e_mining.cloud_miner.e_miner
/system_ext/framework/androidx.window.sidecar.jar	4486	com.e_mining.cloud_miner.e_miner

Acquires the wake lock 1 IoCs

Processes:

com.e_mining.cloud_miner.e_miner

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.e_mining.cloud_miner.e_miner

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.e_mining.cloud_miner.e_miner

com.e_mining.cloud_miner.e_miner
1⤵
- Makes use of the framework's Accessibility service
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:4486

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db
Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db-journal
Filesize
512B

MD5
e93e21864ceeae776f8aca662df58bc2

SHA1
e337db239ec21d8dbf7f57b802109f8e5e5589c0

SHA256
f4391d91fa7273fb8c11682b7509e07abd3761a5981a89546f94696bd79e1fff

SHA512
aeba144f387bfcac0a89f0b3030ae3522ee0474a9178422e437a28b42c47ad350ddf7f797234b947ff38e40193c3993d419e7fd9ea94f516dab7cc5f451d11ac

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db-journal
Filesize
8KB

MD5
9833eb660a09ab0ca1458ef7e21460f1

SHA1
a9a9362cc00f8b154a7841db3646410cae1fda9d

SHA256
3b8c47f38b7e3eaa8a32776e367ddc9054e9a9aab2a3b0b0f2d28477dc74c51b

SHA512
5c8cdf36ed87b01f4d3a9ec684cd76ca427bfb97138bc1144643c473bd9deeb307185ee6a13ba292f49380e26594be4ee59e5a23e55bb7b67fc75e0c394f8382

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db-journal
Filesize
8KB

MD5
ff1bd9d1cf6792174d3946ee6df3d8ce

SHA1
c4653a2db8fe6e89a0a5f552285b8af35b1050d1

SHA256
1d3ec9a465530521395294cec699be4c4e69fd9a691a493af337e70ff988a5be

SHA512
1d16d79ad93cc2b466a244c474700f228387879e640babe6600c6efaeab7703bd5fa0d07046fadef2a05b85ab4793b0c3ba7746e9354f5d49925e59c69f06d86

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events
Filesize
56KB

MD5
80d8641cfbd8e60e43719db11a00dd00

SHA1
c630bd3046e2d66a24b24ffa2c455fc4ef894f35

SHA256
0d85563adb5b328f96685108694dd353c5e0be596fabfb4810f7a7ae277fa43a

SHA512
b25c9ae38b02e5b2df86ffff408c81c94633967abb97ffa3702f14e55f73a3cecdc8a49f9592d31d154e705dd3c04f32984a26d89df7b395af80c9c24e14f91b

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
10e4764013b2d4926820e74c8ee06edf

SHA1
9cb70ca1e5598fde905d63923df1541a1e20d7e3

SHA256
809df6d0c54c8d3ee38d83c2aa04102eab7e06547930c881ac689fefec501a1f

SHA512
6d1127b60085488472dca6cceba1c3e0cd335663a5c20b898cf11443b49dcb8a483ad72fd0557d5bde80e5e7cc8910de2d3f2a6fdf89fa827f36314dd43354f0

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
0536932b7fd50cf59d6d281d2c51a2bb

SHA1
1a9e08199405fa4a588297df0bd39363d8d8dbc2

SHA256
50115109f11ee3bc89a5673837a41232cff994c4ae1eeee0e17b599fea217424

SHA512
139a05338b1e28afd379fe3956b73a9f854b39017946114a916a2c75396953a616f84cc8057f39977ee8c8de56e8f08eb94cdc45158ca8968cc2d829045cdbe5

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
7fa4ec884e4ee3da7f796fdea098b70c

SHA1
ce515897a22c4c64db3f3af827861ce0ec81b5b3

SHA256
5210f7d08f0f5c2b1f3d87324af087d64785a2fe3231e0be730ddfc4c1a96d89

SHA512
f15e804aff9a733e7e0851049077b9705d5b93f37d5ff9c2c200eb6c5257c2e82478433b4f905d1dcce41149f185e6bbb69f0bd6cfe12df3a837f27a3f2d3e18

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
73dde037d43818d6392e51665bee0446

SHA1
79d2b7aaad055aaa21aa371d61b05684c2164073

SHA256
d8aa44c8b932aa136e23d352f22689c2173c343125e0e7588bb111fb635b30be

SHA512
95c88a7ca75a3f60fc3715bcac6a0a0f67bcf8a3a9fde5482f15e8da321521faf184548fc7a31df3f6019c48214b97a683b9fd7d0d2b1bd5595e50fb5d80f4fe

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
8165b8d2006ce0e15c783b6e570a3ed5

SHA1
da421dfe0230463535afffe5c987298d6a338c39

SHA256
f8617d84fd18dcf3a108e156908ae2884d8d5990f59626967e827e2d2afa1b6f

SHA512
94fe34d8740dac9aa5a2f8beba84fb42266bf0151b564399f8b351f16352cd4a5387873d35eb431ab162e116b558d384eae383df279b25e0cfb14b2037cc06e9

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
433829ff954c9b56c549dbd17877ffd6

SHA1
80211d13f074822b8ffc4c7cb13b281feb3a4007

SHA256
533433a80739bccecd94534bff9a9434dfde2ff9bdaebc8c077a780cd63b6030

SHA512
b561cf7b282bcf94e72afd537bb7a85f2ee1782b6dd6d9a99382516173971b6bb14c868f3ffde2d6938995d2e3c42bba30296d6f6c211d6715e7a0127b7293ac

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
fa471c1dd2130725ba3a5382b868698b

SHA1
2cba18c298c84aa57e0d33bb6d8c88f8b5c5ab81

SHA256
6efafbb5036d09cb46b583c3a21e73595cded9c01dd577e73ed63eb3752e4a52

SHA512
9728bbc8f5d4992e69b163fa76170a37e77c5e72061ef2337b7c23e7fc5f1d62277ae23ca2ea99dc270020d877418ce7ad213ad9f0db6456fee8286f37d7d5bc

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
6c9e263b7504b608808886e6bb22263f

SHA1
71f0ac2962fd71f55eb3c77602ea58cfbb01717b

SHA256
fbcffa526ad06769aec0829c84fb9c56b4f674689499a1668fdc69fb1941e320

SHA512
ac31a640a686562fce1f6f1830e8dd2b49251ea1c825f9add13fc7362fde05992f5424cdf09eac346465275301c80c514c6f3765d59cffb7f33b5314cbaba001

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
4b4d7522bdd708ea295713b142bbd0c0

SHA1
dbb18e17b4806bf46f30b941df7072c8fe5fc2c6

SHA256
07199aaacac6c0ea0a79d7bd2f25d10a526003201963fd4a30f75ca1c85678b6

SHA512
49f5e229b5ffc3917bbd5530e0a9f17164fac183ced510ea81d8ae80f743c0f5bae022a5530c3c0288c93b6854d6b47cce88c3f6a5ed824d50bcdc08d797125c

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
72589ddd0a6e02558deb19c1f1d9b958

SHA1
198bcdce71d65eb606ca699bca644f360f4c967b

SHA256
3f67a96e4147d87c29beb284793d29b609a874eaee67e1df51dfbd9ea54ed768

SHA512
917bb561d455f733360058d72e1e9f85c58ebb08bb082ece308d5ebeb4cdf2272eb79d4d0f33d845501221b7b68705dc6dc49c0c6692c7ea068a53af89f28f06

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
508ccf06ad9804b9b9b9ffb529833d09

SHA1
011d7a9eb60f084751d7a868f20c2d3396df153e

SHA256
0fe5869babdd61dd82a20d92d9f4aff5256dbde5554ae8486047426cc2e01d73

SHA512
b0cb83b992197875b044fe5eed2fc8bae15022464e991526fb4818fb169b4b519af3c9f45c28bab3b260a83474ac14404b5c3fde04796e9d5b289c026b93b7bb

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
bb499281f71315fff075b88556a49d9c

SHA1
1991fea82cd87d76ef0ee7d610b4e54a4a67d2f0

SHA256
c9ba59cfcf1193578a43736ee44dc445d70896084035efddff4859ea47f41ea1

SHA512
e53bb0c366e46e383452e7e5d8ec4bbf579bea06b237388328a03009f0f0b00e7a4830d009b9bfcdad7dc2c8de6f1a08726eec27aa0a5f5c59b9c12fe8f3610e

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
3bff814b4e48126d65a5c697b9449e20

SHA1
71eba69cc2bef8e3cebed9327c2b62ceea71427e

SHA256
032e1f9fd68a93e9a1742ba4addd0aee8d50bc7b4d8c07e4fb15aa2159b6acdf

SHA512
3fe8f510e794e4d6a94102b99b595709e1aafe34b996c5e33d3413e04c63aa0ef88145963a9a60f6f146cad55cbf830edfde82fdbae15bd0cbfb247ac54e33a1

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
1815aad25331b002e111e3bca740fe41

SHA1
802ef8ac92e2aa7ca0f7684d6064900b5f53a75a

SHA256
92993c174d7a18b3ba06af2d1c110d71599068e8b27b21eb3c0dbd646ebb024f

SHA512
27678ee6b71dd5740b708465b39a7bf95456602d6592ca8e3f1d1e47b532101447fa8ea6718635da624fa6f6860027a763ccd2eb07fbd0f2faab54937f2a949d

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
ed4bda5a9643604114f666255d5fb206

SHA1
e91f32d6b3c45847dfbc0764bd37fddd73bcedef

SHA256
284ba3bdac8772be6b99ea5c4bf5077f16f42e60335d0dce088e8d47121bb4e9

SHA512
e12e73fd11b9ea82f43c2b0c69d62e64b3b2961b4ad88acd65e0a47f5609434c647c020fbf7496d6d72a74cb5076034bb547ace07a84ca590813c08b1268fa6e

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/files/PersistedInstallation1927283675857656367tmp
Filesize
90B

MD5
a42468041698c247c6f04d7473459684

SHA1
8b4739fbf51d634f4b27b036aab37b7c8f845e6c

SHA256
6057bdeba9df4e9de7a52d21ea796dea4697f6b440f4a2a9f3722986435051d5

SHA512
8607164e595ea65e0819676b49db25918be8fc6b6c895247e064a20cb8818d96d4f01b36e6fcd33b3b952ca9430257c0baaf8a9fff91f52c400d758131e7a452

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/files/PersistedInstallation418268031854016054tmp
Filesize
567B

MD5
2414373b8a630dbc4053e430627433fe

SHA1
7878f2ab6e3f7c8f50d397be07a089b08d88203e

SHA256
346ff0cb4b802bf39294c01c75c22009cd3530c932371a933a81910eb0899650

SHA512
fafbcb64397988b6a7ab4d407709a02831dda877eabfe0f5cab8f2dd90ad98c4d5128f9f8837bfc5fc4d60f8d5a5644f75e3edbdb1dbef1c8576568cc76e7b1d

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/files/PersistedInstallation5129035570602275510tmp
Filesize
569B

MD5
12c7a033b082346661234db4b19e1b43

SHA1
c1fe459a8886d93235b91ef96fef97633074183b

SHA256
94835525ca02ef903b557d11b489148a98a8a71cd5730463c2f509b7b9306064

SHA512
f63951c3354abd3e061c28f5b819e7fb95db5e4f2dcc1171cf4c84f07f0ad081a968677ed2e2353c2ccc365d5d49e6442292f0b4439bd6910e2b9a82642677c9

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/files/PersistedInstallation8852655935814824545tmp
Filesize
90B

MD5
49e18f492ba31fc86d0ba12242bc19d5

SHA1
d39a6ae8956fc80eb4ad40a1f756300063ea85d6

SHA256
353663cd08d8f4ea6ca0d79179d557317a72fe22d6105d41c69c55fe07bc6802

SHA512
80d689bfffb34dea5274d56582bf4662dad7860cb56ef919748c0f60cae26f452ab1ce7fd404aeba013e4191a34ea2a8bf213af48175b8b16a3b1e3aba6e1e04

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb
Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
d5f688d32a0d9019672d0a18a4658a04

SHA1
94dd14f673509c0bdbc5ce06d4d193eaafbf6677

SHA256
2f2a243f727c0abf5a7e9fa99e31fedef30aead3ddfaac5ba5dd779c5b9c365c

SHA512
4069f842c234a977d0c11135f4dab725341ded05bcc1e77d2fe7d67da2004f077f1f563507d63ce330146a4a955b799fb384a166ddfcab0e962d9228a9177303

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
c2049fccc47e6087e2d17a205239b104

SHA1
6b2455747011bf077c2aef1302c2341bd9a964af

SHA256
964c1a3ac5518135b9a32430030b9c46016d97b5b32305c5fb03b76c0dfc64ae

SHA512
dc4aec9cf1f34db4f4aa8bba96a4587de1cb1c123ec1c22de4de8a05a8e7e4cc0f7ecc9b38aed20d46365ff67e48bdbfe4bb92464ec1eb762840dac413d2e7cf

Download Submit
/data/user/0/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb-wal
Filesize
217KB

MD5
f78bba930c22e1dfd6c6fd4063790a8e

SHA1
7b6f66b37a0b955e6f3e359d85a4e3c18eac5103

SHA256
dbfbd41d323962f20c26547e749a82a4fa6bd351adf563456cbd91b3861c8c4c

SHA512
b81645e1bd2dfd3d6b9ffd2a2df696fb5c6858801001ca26577118fea1b1a6d304ddf3520bd6f6eead53f9ecb24becb5cc7c60723e0d2a4b45ba73d24e7c69fc

Download Submit
/system_ext/framework/androidx.window.sidecar.jar
Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit