84ce04fd8d1c15046e7d50cd429876f0f5fbca526d7a0a081b6b9a49fe66131f | Triage

Analysis

max time kernel
33s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10/04/2024, 12:20

Sharing

Report Analysis Logs

General

Target

84ce04fd8d1c15046e7d50cd429876f0f5fbca526d7a0a081b6b9a49fe66131f.apk
Size

101KB
MD5

7bf2ca0e7242cabcee8d3bb37ac52fc7
SHA1

9e3ca59dabf0bd46250a6892b1fa088629a6a4b7
SHA256

84ce04fd8d1c15046e7d50cd429876f0f5fbca526d7a0a081b6b9a49fe66131f
SHA512

cd9d07d526a1b149ea09fa761e18a7d93feb8ab55753e9b958b8855884c7544cb0eef830d43bfbf927db798ca50e8dcc0bfd2686e1b3f3578acb95b35ca0e6a7
SSDEEP

1536:TP/GkKUv6l/pAmRcV/aoALqtPyYBCcnPp/a27bfY1DdPhXfbI/QuBo71V3Cfau/:TXR6lR3RESoAmtPyyCgdchXfbMg1cJ

Score

8^/10

evasion privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

pid	Process
4268	com.sy.go.immx

Tries to add a device administrator. 1 TTPs 1 IoCs

privilege_escalation

Device Administrator Permissions

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.sy.go.immx

com.sy.go.immx
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4268
- su
  2⤵
  PID:4296

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads