Analysis

  • max time kernel
    301s
  • max time network
    311s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system
  • submitted
    11-03-2024 18:48

General

  • Target

    xxx.apk

  • Size

    4.4MB

  • MD5

    5b416a264c452d413954c3c6b2a7f9b2

  • SHA1

    c556a2949abb5a01863060869a59c8f6be88f32b

  • SHA256

    abd521ec0f2bd43ffc644d260d8c8ff57d9335adf9a667b4ebc00a597402fe35

  • SHA512

    d40a5c0746776c2b07f1df063f000712137dba667dd999a18530ce0200a9162c4975f5f54e56366191fd00ef1406df46ade60f260f21118093bb0a74f8f43bf1

  • SSDEEP

    98304:zPlRr259qHV7unzkYw6dejpo64mzAzBvTE0t40v/47:rlR894YQYvejpzz03rvm

Score
8/10

Malware Config

Signatures

  • Makes use of the framework's Accessibility service (2 TTPs, 1 IoCs)

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Requests enabling of the accessibility settings. (1 IoCs)
  • Acquires the wake lock (1 IoCs)

Processes

  • com.whh.premium
    • Makes use of the framework's Accessibility service
    • Requests enabling of the accessibility settings.
    • Acquires the wake lock
    PID:4457

Network

MITRE ATT&CK Mobile v15

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-11.txt

    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-11.txt

    Filesize

    17B

    MD5

    1c26ecab0d94f2a4b2dfc7bfda43eff0

    SHA1

    3c89a227f7d5f3b3db5824c4a707f4438bd74cea

    SHA256

    4b4e3e72c544d8cf6533031bef655dc6f71834c4ec473fa218144a4c0c6014fa

    SHA512

    513cf924f101091eeff27a8950a6913d557ff4d72696e89df869accc3dd1b5f64c9b519782222e412d04ed50388ee3bc4016cb92ce0809bee56234a3acb5a5d5

  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-11.txt

    Filesize

    25B

    MD5

    cc174b383802cd2ef348facbe7ff6cfe

    SHA1

    1ec43151d80eec7706e49c525d7f5acbba5a3931

    SHA256

    b62bbe71f455993330bf93bd0a20ade083c5f96bf3a932a145665f4fdf115c3f

    SHA512

    24e7b563646ad5d9c4f1f1f4cedf290486a2c5fd00b5df2065df3b8f18cefee84c7fba43499e59bb46c8e448ad53d47598fb12217af5b27886582a4152c473dc