e2eb4fe023d4d8c78ef4c87bf23b23e1fdd1c8c7633d5ec2f0c99be5090fbecb

Analysis

max time kernel
125s
max time network
145s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
10/04/2024, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e2eb4fe023d4d8c78ef4c87bf23b23e1fdd1c8c7633d5ec2f0c99be5090fbecb.apk
Size

2.2MB
MD5

23df9739dd8805185665f98f2fc7fb1f
SHA1

7fa1ad7802dcdfd74b6d4b9dd758ae6ff651a594
SHA256

e2eb4fe023d4d8c78ef4c87bf23b23e1fdd1c8c7633d5ec2f0c99be5090fbecb
SHA512

aee01aebc16502d75e858f3355f61bd01702c763138bddd61e79360376cc34519e085b63debc8ab50889bac5f1f2ef943d16dd93755de45db2cbaed0d58319b5
SSDEEP

49152:DxHHiHVGJMPw4KNNhMm4gIsRoTwrVEV9XF:D1YtcIMoTwrVW1

Score

8^/10

collection evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 2 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion

Input Injection

T1516

Screen Capture

T1513

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4688

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Discovery

Lateral Movement

Collection

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b69bfcf1f4b9eced4fb7664a85387318

SHA1
61c7f542f58e16678592610d5bd49cdae0e533e1

SHA256
e11819bdda28bdf2dd9dbdae5075857a68a32861394b6fb0ea11b0acf02c1aa2

SHA512
7da8db9376089d4ea4a814a092aa9fe21d22c4c96331dd0b096da607f14f5db6092a4b699c3cca57f9684e04da9f14743efdaee502be6a0d6a77fdcc23bebf14

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
4caee3df66601ceff96771d4a7bf2d72

SHA1
dd86fa133134d09bcb293336c983e326bf42f85b

SHA256
983f7b946daddcb21a54bd2507fd3c6511c0a49676e82d736c8191955d841e05

SHA512
55ba106b676e8974a10fab3762473fa8aa239a6243fc5e5f2aa4147226150dbde9ba0fbf37b4b517e969951eb9a982a971a2959a3c141dbfde32afa2460e87f7

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
fa71d7a5a10b98edb318159fede2b56c

SHA1
043e8a9c45121f6471d168c9a0b624d710a016ec

SHA256
52058339e7dd2fec127f8e9327e9c93b23c5b330a5414f0e2fc331b5396c4623

SHA512
eaf4521fb3f2c26e8966569c10119b841f0402516057824575d7467137c39f49663e0434219611dc3bb2f5808a16d909fdb3db6ce46862a2fbdda8dab7982e0a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads