Analysis
max time kernel
148s
max time network
154s
platform
android_x64
resource
android-x64-20240221-en
resource tags
android arch:x64 arch:x86 image:android-x64-20240221-en locale:en-us os:android-10-x64 system
submitted
07-04-2024 22:01
Behavioral task
behavioral1
Sample
5b7f3a88d0776a4edde90847c76b583da8f90db717f94a341697cea5f48edaa2.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
5b7f3a88d0776a4edde90847c76b583da8f90db717f94a341697cea5f48edaa2.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
5b7f3a88d0776a4edde90847c76b583da8f90db717f94a341697cea5f48edaa2.apk
Resource
android-x64-arm64-20240221-en
General
Target
5b7f3a88d0776a4edde90847c76b583da8f90db717f94a341697cea5f48edaa2.apk
Size
760KB
MD5
7899935b847a98f8540bbb936b62e836
SHA1
cf7689411da21099adc31e92b4950f9793f6213d
SHA256
5b7f3a88d0776a4edde90847c76b583da8f90db717f94a341697cea5f48edaa2
SHA512
a27f934da8b258d740a8e1e0944986f7a67d5ae3efae5366ea62a6510e5dabb382a65d24111242fb503a3c43ddc59509673762b2d5c4fe4d25ec87238a2c48bb
SSDEEP
12288:G/3dCYa1a8Lze4bqheoDzj5WmpYshXZPbGwidNpgha:G/3Na1ame4WeSzj5WmD9idNp7
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
1 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patch
description
Framework service call
ioc
android.content.pm.IPackageManager.getInstalledApplications
process
cmf0.c3b5bm90zq.patch
Makes use of the framework's foreground persistence service
1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patch
description
Framework service call
ioc
android.app.IActivityManager.setServiceForeground
process
cmf0.c3b5bm90zq.patch