Overview

overview

10

Static

static

10

fee9632fb0...f1.apk

android-9-x86

8

fee9632fb0...f1.apk

android-10-x64

10

fee9632fb0...f1.apk

android-11-x64

10

Analysis

  • max time kernel
    45s
  • max time network
    146s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    05-03-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fee9632fb0d203d1e945339015252b8c4f0f326c3094b93ddc14ab7806ad80f1.apk

  • Size

    1.1MB

  • MD5

    7f3fbd968788cd060ed891149d7019e8

  • SHA1

    8c06f8c0db215d1b592b8b36581270f6f8b07bc6

  • SHA256

    fee9632fb0d203d1e945339015252b8c4f0f326c3094b93ddc14ab7806ad80f1

  • SHA512

    2a2c26757f55fc7796d54e59a41432c95959e0d54b4d49c8435f9d75bd21c90466f687af440a38f9a0ced73f5c0a8c0148d32a5d9677cbb2551ec35a94586f2a

  • SSDEEP

    24576:votkkugX/a0C9GbCJy8MkBUWjXuoE/oJyONg/Pe8TW:AtkkTa0O5UkW/tONg/nW

Score
8/10
collectiondiscoveryevasion

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 2 TTPs 3 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion
  • Requests enabling of the accessibility settings. 1 IoCs
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.kicozapiruxesati.tasulu
    1⤵
    • Makes use of the framework's Accessibility service
    • Requests enabling of the accessibility settings.
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4181

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.kicozapiruxesati.tasulu/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.kicozapiruxesati.tasulu/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    05e06572e549516bed2d07ff0e153a09

    SHA1

    8eaac548f6ef13fc622f29dbca886ba26dc56964

    SHA256

    7e0f3de447a874b5664aa89bbbb05dba2cbfd6423dd77fb81098db75fd2accfe

    SHA512

    4e1769f76cfe1a9c0d63e9608d9a2b708274d360ee250efd4c5cf00b07a739e1a8cc645cba56df8374ca9180e4393e15fc206b5c3c2c3d8b536195d066d39d8e

    Download Submit

  • /data/data/com.kicozapiruxesati.tasulu/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    8635154a4e265f195858d297429f7972

    SHA1

    67ede36a38fbf2cc85e00484630b826dcdd9e0c7

    SHA256

    c0d70413a65cf2b4d0ca0609d6efa496ffb79cb3c47b04416d900b06633dc179

    SHA512

    6b5c71b6e85702847c7e17b77887d500e89aec1fb93b4bd918f65cfa77ceaebb6e6a5ce4a0182fa44d2fbf8b01d3ae8d069daf209bf8034f05a75280be516956

    Download Submit

  • /data/data/com.kicozapiruxesati.tasulu/no_backup/androidx.work.workdb-wal
    Filesize

    173KB

    MD5

    732488a794cdfa9d72b35beee921bcae

    SHA1

    5545ad90fa5a36e7a3d118b9a4693567f5c59e5c

    SHA256

    2a24a7046ca9c75903800c1e76c5f4e205427799ccb09a095dbe51c3a61828ad

    SHA512

    97e24f640d1cddb0329c72f3eb3e460fe9dfef3da398c32740137a8d6f136e3001d5836c27759c5e997dd24a052e7be87e20267060f95bab2829eee3e1f9bd76

    Download Submit