Overview

overview

10

Static

static

10

9ad6d8d10f...da.apk

android-9-x86

8

9ad6d8d10f...da.apk

android-10-x64

8

9ad6d8d10f...da.apk

android-11-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    141s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    10-04-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da.apk

  • Size

    760KB

  • MD5

    c974ce6623837f755f24a61562ca2bff

  • SHA1

    4d6ca706358838c1e52c0b8210968a062a01e73e

  • SHA256

    9ad6d8d10f0da32ff294640e0b1d2cb2300badaa49d0d6cb4daaa40512c106da

  • SHA512

    2d4945c9c4a6ed5818d69d00be4a760f316e4c2f35f4694fa1fc0b9ac9bb8d3d17431513f2890200bbbb52abfbf6ab465d7baa7474b4b6f24a62e5c7516565a6

  • SSDEEP

    12288:kciBMHpgfvNldadNbubVRADn+JBjkAgMsFMjIP:khVfvNKdNibVRwn+jFsFd

Score
8/10
bankerdiscoveryevasionpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs
    bankerdiscovery
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs

Processes

  • cmf0.c3b5bm90zq.patch
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    PID:4584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads