Overview

overview

8

Static

static

6

23c51ed174...70.apk

android-9-x86

8

23c51ed174...70.apk

android-10-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    159s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    06-03-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070.apk

  • Size

    4.3MB

  • MD5

    c09e5ec180e2ba9ef8229136b7edfd06

  • SHA1

    548747e87edf2d49c1182ce46735517b2a92a613

  • SHA256

    23c51ed174a6014b3207b41a82c2aee0eea16df8fa1cd14c2864fb3307215070

  • SHA512

    f086bd8304043858cf826beae74280e6e9697051f0405e982e0b60f9f31cc4d02adb02bb418a482ebdc60d25f0319c232b86df2927757976c4fe9cfb8ba687d0

  • SSDEEP

    98304:DQrETnOllY4f8GB0BOydEl1LKTXVquJ+WEFjmYVcysKz2DhTiE:swTOl2s8zdqK5qt1cyxch+E

Score
8/10
collectionevasion

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 2 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion
  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Requests enabling of the accessibility settings. 1 IoCs
  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.example.securityprotector
    1⤵
    • Makes use of the framework's Accessibility service
    • Loads dropped Dex/Jar
    • Requests enabling of the accessibility settings.
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4188
    • rm -r/data/user/0/com.example.securityprotector/app_ded/KYfYeVawVHcZiqb37WKDtT2M95aExQSw.dex
      2⤵
        PID:4252

    Network

    MITRE ATT&CK Mobile v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.example.securityprotector/app_ded/KYfYeVawVHcZiqb37WKDtT2M95aExQSw.dex
      Filesize

      3.1MB

      MD5

      e06cf1893d943fbbea3550aba29819e8

      SHA1

      f799ab4febc1da1c2ad942bb5ceb90beaa14d3ab

      SHA256

      6a141907d0e45420367a220a4d6609bb4d13a5c5b6463ac116285dc7805b8353

      SHA512

      e93fc6c95a3adf40346f2cbcf6b5241d2b74b22600702dc98f897bffa344ac3033d51c4e6e94a721ed88244271a7866d2ffa68ac5d56d2e817284ef758838b55

      Download Submit

    • /data/data/com.example.securityprotector/databases/firestore.%5BDEFAULT%5D.braindroid-f00d3.%28default%29
      Filesize

      4KB

      MD5

      f2b4b0190b9f384ca885f0c8c9b14700

      SHA1

      934ff2646757b5b6e7f20f6a0aa76c7f995d9361

      SHA256

      0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

      SHA512

      ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

      Download Submit

    • /data/data/com.example.securityprotector/databases/firestore.%5BDEFAULT%5D.braindroid-f00d3.%28default%29-journal
      Filesize

      512B

      MD5

      e5730351f2c9ec0e802810085db0c272

      SHA1

      40e22d5e376a41af6ddb632fe869d311cddf7602

      SHA256

      29701daa0ba45f765b0bc14acbd516d51426da4743eaab298791589be9d4ba0d

      SHA512

      df82c0d737a784793518a40e330d9b910281b7bd289ef3ac1ea0c0a75b46c9521632b9fa8038db4caf49bce32dac6d4449a96f544a1052050356a7c989ad09ff

      Download Submit

    • /data/data/com.example.securityprotector/databases/firestore.%5BDEFAULT%5D.braindroid-f00d3.%28default%29-shm
      Filesize

      28KB

      MD5

      cf845a781c107ec1346e849c9dd1b7e8

      SHA1

      b44ccc7f7d519352422e59ee8b0bdbac881768a7

      SHA256

      18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

      SHA512

      4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

      Download Submit

    • /data/data/com.example.securityprotector/databases/firestore.%5BDEFAULT%5D.braindroid-f00d3.%28default%29-wal
      Filesize

      16KB

      MD5

      13a85d2a4a3f3b8ab9a839bd158d416b

      SHA1

      dc096f08a2de1d7b9b1b55f85687adcd2baba170

      SHA256

      6f247fd7ff143d22390c9d100c1225a216cd32dace5d38f42e3444c7e81e969c

      SHA512

      6ea676b0f972e32c18a70d0642f431e9a68660f13b80b22c37368b854912519764e9577e614030e6aef3a13ca042f6d24e33ffd62913bf69c42ed86564842d48

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db
      Filesize

      16KB

      MD5

      b955b0f6322dd9281b89215db47526f9

      SHA1

      830d0298933195ec644bfacbebaaaa8b9053148c

      SHA256

      8ce7d911580cdd671653cacda5af24bf6e87f049a4dacb35e65b909f1edf3df5

      SHA512

      2e199b1f5f1a62ebf6839fb423fd34bc7910d1779c7f89e6a2b3b7e22018f94879a0e9375a35b6424134d2190adb4129039093223d82121b0a87262b013f2070

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db
      Filesize

      16KB

      MD5

      34a01adc7e4ecfdb3b7ff0378411558f

      SHA1

      f27e5b50a1a79b52efd44c8aa26c017f4198da01

      SHA256

      88b93e55c5fbc02f7bcf402b7c5027940a79798d233683da8da4ccc03d4baf3a

      SHA512

      3d626e44e66d26ab6f6f507c7da728bdc059595df4d8e14ac00f0d88dd1baae7d0bc8f4a61f80f74696f4d9b3286e39ff9990fa9beceba4fef754a3979f7758e

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db-journal
      Filesize

      512B

      MD5

      b9cdb26b6f3921779a84929e5c9ed3f4

      SHA1

      b54fa5d1d03bb528e33da6233a48fb04d3b099d6

      SHA256

      6a116d2e2c1270f52235e29cf4d2bb0c31a9ab0e1e51451b01c3bcacb4fb1b78

      SHA512

      7b36fca6e29af1fdac77cb61618402991c484b5674662fe195da5afaf5d7d184210b2597cf7a69b4b07a0471f6a63faef342eb41d3dd27cee3723055e53b89cd

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db-wal
      Filesize

      32KB

      MD5

      3b5844c779ffdc1f8175911cd03126e0

      SHA1

      acea731cb094b3c3938e300641da3b5e0f726d6d

      SHA256

      1d5fabc85ff78d1552dbd98a06b15c0b28c799d1393266aa51b9602cba733628

      SHA512

      da88214404b5074de1002bf0ff6a10aa78b55390fad1d91214b32fa67777d34efa70befd85456b310ec9f69c0d78ff0ddf2ac0c2a26e06a1a630c36ba5c89257

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db-wal
      Filesize

      4KB

      MD5

      61964ad20e4184a46b906aa1322d4b53

      SHA1

      27b6828083a9ec2dda7a477c6c4a2fb52f1e31e9

      SHA256

      ec47877b71ecdcc996663c404fee714b543e42e894593a4f238af595083374aa

      SHA512

      1a19e1059a77cd51aa765b19eb127222e3697e297dbe985b2dcde9adaf609bed58ff602c0d8180bd1aa78eca622e42b554660618566862cf35235a93207b29c1

      Download Submit

    • /data/data/com.example.securityprotector/databases/google_app_measurement_local.db-wal
      Filesize

      4KB

      MD5

      3696c17e0ea710282f18675fd335e0a8

      SHA1

      6a036ed62852057d70a78846e83be243081ef81c

      SHA256

      e9bce5c21c263aaa82809b38bcbe4f1718f0ff25dead97583284d450388ee755

      SHA512

      3bf137d283f0a3e68d942d36d8129ccc28920136f340d81f7b81be6d4409a5eae15a75b802ae1dd518901f24938e2e612f9c290e3869198dec3c7360565e05d1

      Download Submit

    • /data/data/com.example.securityprotector/files/PersistedInstallation2159832900555383624tmp
      Filesize

      90B

      MD5

      3ab8db1826924c8503c01ea25a5a2a3c

      SHA1

      ee27d63e587d84e34d4c5079384c25b8e84cc2fe

      SHA256

      3996289742426c35cc6d331623e3daab2d5dfbce7ac4e1a18c15d019f723b3c4

      SHA512

      844adcb4e970627181ebb092319ee6016f00a75e5a0dc1b8bca079eed811a6ef82730a2a7aae63da4628776ae7ad51c7667b98a4cef31ba08a7e297f151e32a3

      Download Submit

    • /data/data/com.example.securityprotector/files/PersistedInstallation8359596026818708787tmp
      Filesize

      569B

      MD5

      39cd9a10e7308b7cd62adcbe952e224d

      SHA1

      ee212590cb20c58f5f45cd0a5fac8c41a3bbcdd1

      SHA256

      55ec28b68de4c71edde968682b4a169ab071cc912b937a357026ecaed0a296b1

      SHA512

      590f6dcdd3e342541e6d3baadb8482b3e01671ae310509971b40013144711d295a12aba88adf98f756fcfc1bc97f5c7fc2baa219af44e3b70bd56ee6567c494d

      Download Submit