Analysis
-
max time kernel
149s -
max time network
141s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system -
submitted
10-04-2024 22:01
Behavioral task
behavioral1
Sample
9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da.apk
-
Size
760KB
-
MD5
c974ce6623837f755f24a61562ca2bff
-
SHA1
4d6ca706358838c1e52c0b8210968a062a01e73e
-
SHA256
9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da
-
SHA512
2d4945c9c4a6ed5818d69d00be4a760f316e4c2f35f4694fa1fc0b9ac9bb8d3d17431513f2890200bbbb52abfbf6ab465d7baa7474b4b6f24a62e5c7516565a6
-
SSDEEP
12288:kciBMHpgfvNldadNbubVRADn+JBjkAgMsFMjIP:khVfvNKdNibVRwn+jFsFd
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Framework service call android.content.pm.IPackageManager.getInstalledApplications cmf0.c3b5bm90zq.patch -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch