Overview

overview

10

Static

static

10

xxx.apk

android-10-x64

8

xxx.apk

android-11-x64

8

xxx.apk

android-13-x64

8

Analysis

  • max time kernel
    301s
  • max time network
    309s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    31-03-2024 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xxx.apk

  • Size

    4.4MB

  • MD5

    609002651a476451a876d70bb2113a3a

  • SHA1

    cfd3ca670e09ab76978c21c6d7abf71337ec7edb

  • SHA256

    18ebf26a49e2d0781470fd6a2afc8f7f47d480f939ac0fceaaf0d534f0564bf1

  • SHA512

    26003a86728567d644f4bca36d8aeec7071d2e0f19320ae527e2ea3b18a108681fca53e5768d56add41f2d7f8c54fe5183569f0887cb4cc2236d14025d15b300

  • SSDEEP

    98304:kyYLJNrab3QPKcZE50+9Q4mzQzBjTQ0t4EHY9W:kyYL/ejwvE6+9gzs73F

Score
8/10
collectionevasionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 2 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Acquires the wake lock 1 IoCs

Processes

  • com.whh.premium
    1⤵
    • Makes use of the framework's Accessibility service
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Acquires the wake lock
    PID:4684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-31.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-31.txt
    Filesize

    17B

    MD5

    ca7d8ac6124e1626f1c6412913414831

    SHA1

    f953af9a378db943f9584b381e146233c5d0fbb9

    SHA256

    0af366b2556fb64ce7226d6e0bc722d0d8a65f10e2fd6df678fa3c9137131dbe

    SHA512

    1b615d2e9556a060ea21115a4fdd036a5cd29071ce22f5b55e49f7184a7d78aee6cb5cc7ddcf2f44e6860796cb327de0c37faf957d433c04360551342164b1d9

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-2024-03-31.txt
    Filesize

    94B

    MD5

    3853562775362ba1a7b8f551b8978753

    SHA1

    c2fada066718ce03c48348d1e630c4f57aa156fc

    SHA256

    50b1c996dea5b9e6e81829e23d8929d9ec46c77a3e1324836e443fe768e6f3dc

    SHA512

    60c76533611c8213c80192fc6acc954320799335f765b69fb259d5563b04016922c87778ec1d11b2e4bca7043a6cd5e0a0870e65b0c55ef73ef02e108b67e192

    Download Submit