Analysis
max time kernel: 10s
max time network: 144s
platform: android_x64
resource: android-x64-arm64-20240221-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system
submitted: 07-03-2024 03:45
Static task: static1
Behavioral task: behavioral1
  Sample: 2eb4546ef8f173039501329088e7cf81.apk
  Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
  Sample: 2eb4546ef8f173039501329088e7cf81.apk
  Resource: android-x64-20240221-en
Behavioral task: behavioral3
  Sample: 2eb4546ef8f173039501329088e7cf81.apk
  Resource: android-x64-arm64-20240221-en
General
Target: 2eb4546ef8f173039501329088e7cf81.apk
Size: 1.7MB
MD5: 2eb4546ef8f173039501329088e7cf81
SHA1: 3d5fcfbcc0c6689e0f3a28483126c0348fd6793e
SHA256: 6260f500a0847ecebe34f4fcbe89cf5f9708669dabe7bb1dfa6ca0d2f3cbd107
SHA512: d79a9ea31cc6a5377c32079b72d587a0dbe9578d65b462275bfd798ef9741d4751c5d960ae2da06644e6736f5bce07ce5727e11e4e465648723b108e3e7dc39e
SSDEEP: 49152:sGmzInM7lq0g+5zZEnZe7kdMg/Fb+xbHeG3q:gGMpawEZXRx+bq
Malware Config
Signatures
pid: 4390
Process: com.sas.seafkoagent.seafkoagent

Reads the content of photos stored on the user's device. (1 TTPs, 1 IoCs)
  description: URI accessed for read
  ioc: content://media/external/images/media
  Process: com.sas.seafkoagent.seafkoagent

Reads the content of the call log. (1 TTPs, 1 IoCs)
  description: URI accessed for read
  ioc: content://call_log/calls
  Process: com.sas.seafkoagent.seafkoagent

Acquires the wake lock (1 IoCs)
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  Process: com.sas.seafkoagent.seafkoagent

Looks up external IP address via web service (2 IoCs)
Uses a legitimate IP lookup service to find the infected system's external IP.
  flow 25, ioc: ipinfo.io
  flow 26, ioc: ipinfo.io
Processes
Network
MITRE ATT&CK Mobile v15
Downloads