Analysis
max time kernel: 154s
max time network: 145s
platform: android_x64
resource: android-x64-20240221-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
submitted: 07-04-2024 22:02
Behavioral task: behavioral1
Sample: 58330b5944169d53cdf153e684f9eeed71de7c0c754b9feddbce66b6dbe9f58b.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: 58330b5944169d53cdf153e684f9eeed71de7c0c754b9feddbce66b6dbe9f58b.apk
Resource: android-x64-20240221-en
General
Target: 58330b5944169d53cdf153e684f9eeed71de7c0c754b9feddbce66b6dbe9f58b.apk
Size: 759KB
MD5: d8766f65f19798576ccd7a2663335d08
SHA1: a68019bf9280ef5198c71888280a87c5fd121aee
SHA256: 58330b5944169d53cdf153e684f9eeed71de7c0c754b9feddbce66b6dbe9f58b
SHA512: 848962d4764202f027f90b0ea514d8a5a1870c3ac84a1bab2f06da4e3a058d000222b37320225f6b18d56c2923fdccac13792427fd0a2d20266aa33c796b9420
SSDEEP: 12288:gQwH7J6sgRALzv56xYnfdh5WmpYshXZPbGwidNpglBH:gQSJ6s7Lzv5qYnfdh5WmD9idNp4BH
Malware Config
Signatures
Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps). 1 TTPs, 1 IoCs
Processes:
cmf0.c3b5bm90zq.patch
  description: Framework service call
  ioc: android.content.pm.IPackageManager.getInstalledApplications
  process: cmf0.c3b5bm90zq.patch
Makes use of the framework's foreground persistence service. 1 TTPs, 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patch
  description: Framework service call
  ioc: android.app.IActivityManager.setServiceForeground
  process: cmf0.c3b5bm90zq.patch