Overview

overview

8

Static

static

6

18832427a4...25.apk

android-10-x64

8

18832427a4...25.apk

android-11-x64

8

18832427a4...25.apk

android-13-x64

8

18832427a4...25.apk

android-9-x86

8

Resubmissions

02-04-2024 06:58

240402-hrp13aae2w 8

13-08-2020 12:07

200813-m8qffw1xej 10

Analysis

  • max time kernel
    26s
  • max time network
    302s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    02-04-2024 06:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    18832427a4a7dd1c2960a40fc13fc0dfc5357ecafdf7dae9f89d721f4138bc25.apk

  • Size

    1.6MB

  • MD5

    b8d3cd2eed88a3dbd30e1447c1add48b

  • SHA1

    c21e13d788b4c177829ac43b8bd4c71487fe41f5

  • SHA256

    18832427a4a7dd1c2960a40fc13fc0dfc5357ecafdf7dae9f89d721f4138bc25

  • SHA512

    fe012a29fc00b8d76f9c293ca42618edeca8e2eec41f8117513ed162b3e9a178d2ee5ca3e9abcab0cc423c03c2d0b9a3867f428b9ed9f75cb06bfcbc8ab540f3

  • SSDEEP

    49152:CyLC2HJXfWuJASAW5Gxxqa3j+SuqWTSMJR:7C2pXMSAWW3juI6R

Score
8/10
evasionpersistencestealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 1 IoCs
    stealthtrojanevasion
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Acquires the wake lock 1 IoCs

Processes

  • com.arhmhjzr.qrcbiocw
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Acquires the wake lock
    PID:4188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.arhmhjzr.qrcbiocw/app_files/nrjohko.jar
    Filesize

    224KB

    MD5

    c4588edd01e29f3d8ee7436176a456af

    SHA1

    d3891818b4087d520f37477bccb93dd72811cc07

    SHA256

    9c67b44a54de4e031577592eab5b73cabf7d234ee7c4fedcf17b9f6e6c84134d

    SHA512

    939617259aa77a8cc74004dc03ab45ed1a593c453c187a5dea803b56db201050cb0f83c238fa17fb2613480218399b912ebfa49b351472843cd2b4998d2f17dc

    Download Submit
  • /data/user/0/com.arhmhjzr.qrcbiocw/app_files/nrjohko.jar
    Filesize

    469KB

    MD5

    7961033a8ef99a9109afb5726e53e485

    SHA1

    ba786fbec06875c048a375afa172c6f53a1d1687

    SHA256

    bda2af1c666433f5026692405a11b8a30646c7f95f86f27e2279002e51dbf302

    SHA512

    69cccf064c1858541ab059c0b58aaabce8cdde3a6f6ae43edaaebc74cbf94f77c84842063dab5f0d722f41a608e9bf7a3b9c7d8b98a24e3769e5129d63a96323

    Download Submit