bff0087b9e9d47e64841c0fd32d89c521d1ff4065d695472c7c107ef620ac9ba

Resubmissions

29-04-2024 16:39

240429-t5y2nsfc99 10

22-03-2024 02:09

240322-ck49hshb5z 8

Analysis

max time kernel
18s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
22-03-2024 02:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.apk
Size

3.6MB
MD5

3b2bffa809e1332c8b77f91add1a7374
SHA1

cf0489ae4122584fcc510ca1c6c93ba8c0405899
SHA256

bff0087b9e9d47e64841c0fd32d89c521d1ff4065d695472c7c107ef620ac9ba
SHA512

6a74cb476d094958b66b73501ccd961601d1bee0c2f86ef453ccde2dd9c2cf1c53437df8bfa6c1d64f212b27e6f8087b8d1d64ebda3d1582a6150513e2d98531
SSDEEP

98304:88zYcEK7XH8yVw98Mbwb81jjrcz7dpN9hB/W+3e+NQGAytLu/:88nEK7XH8yOhjI99j++uG+/

Score

8^/10

collection evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 2 TTPs 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion

Input Injection

T1516

Screen Capture

T1513

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.systemservice

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

com.systemservice
1⤵
- Makes use of the framework's Accessibility service
- Acquires the wake lock
PID:4261

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Discovery

Lateral Movement

Collection

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
7029359ce341208c8c0a9cd2306ed6b9

SHA1
68c955923b6bee0819f51c9d195b93e7546f0e63

SHA256
e203c964907e71eb0f4ac09c3fb995342377fd597650c216697b901f21b3c5fd

SHA512
4214ee2423e4f0b0b06490f91fb4d97439772dfc64f6b18eb10f3a74e52cb1be12e685fe48e24a1165e43f9c41799b9f3588528d1e29ab0f582e670479bfbe14

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
16KB

MD5
de6235b4c8c35373ec1d59ff82c70d06

SHA1
0019504af6d76edeb834bc945ead9c97475cc896

SHA256
3f0595de014d63fc24e8f55b10a5358956e2b33e08b44453d6bd641c875002bc

SHA512
7d088759327c93908ff4e4ac73a9a7f43b9b0c0a94bdb1d2e2dfe0096d87e41314472c947f809b4f0b1f179a27d09c72a164f1b9a59d50ae0cc64523a7a99a51

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c340f961ca08d0f177de104dbd012a8a

SHA1
5ff7c95650e49c57135aa231f8be227bb8800d6f

SHA256
b99cc78a638520e5d984d88ee73361e6e6643da253d1f94405e3aa2d95709649

SHA512
7deb82e1df027b8f16eafd28dda2112dd602c4c9aaf4276efb1cb73c2a659b91d02da5a00d66e5ed8539917771f4fe6a34d78b74f71371e5c485a669e984dd48

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5ed617d08cdd669142aae91c63e4bf5c

SHA1
02f138848879ea2474bdc901a0850cba9975cebd

SHA256
94b26f8db8e02483bd42ffdab102031f8f13730f8ca8412567fefcceff4671f8

SHA512
7158c01c4e33bfbe8be0cc1726808cc878e77e4d1621eff9f4b9059c0f76dccded39ffb73c4378af98d0c121ce9c53020ec9ab8ba000644befcb354855312374

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cc92f6e226306c7bc98da53e25d93632

SHA1
2c82a4b719bd35914026039ecac92877bb1c1c7c

SHA256
edab6bf20be0c6de0c6e06a3f31d992023564f00ec932a3c6408a6ddd7026a71

SHA512
9d72f307588ff891c3bca4515eace39897fe23e65179c1da7cb46f92dbfaf3dc9caa5b0c6813c32d239322ecedc0d26ffd746b069fe535145fb7ecd0f1069811

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
37a9325e1a575ab9dff4899f585d9144

SHA1
92dbdfe74e4c921f32c228936a620852db13a7db

SHA256
4c61eb68ea8970da236d7145d7c13c18581c7323b24ad5b15986df93205210e2

SHA512
65f9ab02105bdc091e6acefcf9f77dfff4622118fd8bd3356e129bb69e208a77e51f1fedf9b7213c55b57444a5ce4f2fa48c28d51177537eba1bac149e56fad0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
0fced743df688edb6cd412c509724b65

SHA1
97c03e6d7d0c297c4e2960d4f3ff2f5136d04820

SHA256
9578b66a43648517b0783b1297a02f6bee4b000341f20459353ed0813b902285

SHA512
8de11a2548fd90063aa1cdbaa48fb45348795ddc1adad2cc2947ea8339000abf9baae7021ec30c1211ca825540531f4f8d32dd96ab94e66efc76765b965d4173

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
06e27907fc04c1fbd27d689b9b0f7c90

SHA1
978024a2b2b0c59eb3719c846eaa5c54900abfc5

SHA256
ba158f2ad68dd181c5d4fb4f10d8351710baef3c3af466d3e9adda83abdc912f

SHA512
6a19044aa76708cc26de570733871eaa9267b4ef650785d2ff5271b29d7b6925e89c9eea311193dc62231fd3748063d346eed533eabf907a953a188c4c88898a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8a8745a0c9d5e66ef2a4727c4cd45caa

SHA1
09f57d97c11ba582213e8a37cd041253c846ad1c

SHA256
2c2bbeb631e916fad7857c70593016e1409bb204ac4d6b95ef15a13b9910f1fe

SHA512
b92b8a6777da867472e4ada4effde30153fbe03fa28cf4a636c4237923a9e12a4fb6790e4a8234e8592ee942b413cf86dba558fed3f2764b6843a4b14d488d4f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e90613247c098d8970519255b5cc2c08

SHA1
b3cc29542c1ca281e93d38011ae36b1fd5bba29c

SHA256
f9f3479c821a20a0758315db6f36ccc4e84a96873083085f80e5cfa57af053af

SHA512
d9c5ff9d5c2de937d9adec9daaa24ee5f6643f503256851f1d7a29b0672008219e506e9be350c9a4708ed39af8204f074c17ac091b6a885c370f67711ff70b84

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cf1f7e1879c8dcd26a7810b5cae42ac1

SHA1
8091177e6545705e2fa470123bcdaec520c9d148

SHA256
eaf71994e639990c22160f473e62fec296e646117d77dab6a2d81c3f2a51529d

SHA512
2fb1acb47f013456c3af7f17264d5ed64fb38c61eeab7890118e9251b8b86aa5df8b8eb4bb5d87a694d6610adcee4c37c4aad6abc9bf659ec8e748710fd619f3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
38e664e45753bafa1ae19466f90219f9

SHA1
1ee5719cbfb083bfebcc53170cc220b290b76665

SHA256
238af4d09389ddd4004eac29582e75982a757dfaad738dc6cd6c301ea5422b7f

SHA512
eef05ed0cb431f549a32a3bf3e2cdffdae243f6a37d1994286332dd3b6dcad2611ee8db99d023e3e6fecc1e489c8f1aff6afc5742abc64a3919c2d56c1cf0628

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
115f481a863c46581af2c1b81588090f

SHA1
b31aa9f7e49a91221b24c09d8b58907d94f1121c

SHA256
830996c2459b28d21bc75db8c43fd0c9a7dd05d343f023bdad5583c4ae6f4df0

SHA512
9d697ef328b906e0a0720a8e8b8baff87afc147059a3559c230dcfa15ee8765ffb01099b410612c2deae26a74d5ad98405b1f871c6ef29daa2b8fc28dafafadf

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3045141418950785849tmp

Filesize
90B

MD5
aa3438adf09c706582777c0872549733

SHA1
d8edbc1f9fb71c35e81f764499d455acc68c812d

SHA256
e02f8c7ff0fd53d90e116de3aef6c844e0eb2f966c387017abd534e2ae4a4521

SHA512
57bc211ba824274e54a6d894b4dc367d793aa315115bc9f3d9a7d924f6c45336a48a6ea74a7869dca68d73d0186f5c0fbf21c30e80372f5024b47317b5d7fa85

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3498068646248794262tmp

Filesize
557B

MD5
0f1bcb42e0b5b0e61cc41113a3d1c709

SHA1
70cb8efd6c94c9d38999c4d69807dcbcf805f987

SHA256
86d83166f71ab7d99f7ceed20c9791f79585fd23846f2772872e769c4dc66235

SHA512
7319a64d053bfd4eddb1de7a498c4829e45ca2c62ee5e90afa4a70bcddddf3df91d39ac8d629bac28400c53d7a07a54c80fb77d403cf7e207c8cb07d247ed12c

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
1KB

MD5
a6803d87d0f62887f5be0ca335108776

SHA1
b5e652b03c3e0c433dbac9a8eaf5270529d5a059

SHA256
bd662f82bea04f32671baadeb43bf3fea21adad181f370d8fd46f90c8257254a

SHA512
71611727575d2ec0fc1f57cf6fecc055428f5b9c690de41752ea08c9b88577e9a6928076cfb92a164ac7b78be7b290b8c1d62e0c45991ca31e7cc1b2938d1a23

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads