afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084 | Triage

Analysis

max time kernel
14s
max time network
159s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
10/04/2024, 13:26

Sharing

Report Analysis Logs

General

Target

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084.apk
Size

392KB
MD5

a48254acb25d81307d4ebb99e187f5c5
SHA1

7ee14f38b953e57c3b29d91fc6a683e90ab888a3
SHA256

afcbf339d1c0a6174f93425cd1b8ba50979132856f0c333865a62d7c6e8a3084
SHA512

d56b8a5f8323af21bc8032e9485481b1f88853e080f0443455800a4d356b1fbbcf55df7e144f97c747142860677b309a899e005e59b5ad0e16f70a1ece854d8a
SSDEEP

12288:MNr4QELGqdn0xx/7xKNR9+SwMZlyIrnv5i0/Gr:Q02x8M3wRBs

Score

8^/10

evasion privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

pid	Process
4440	com.photo.android

Tries to add a device administrator. 1 TTPs 1 IoCs

privilege_escalation

Device Administrator Permissions

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.photo.android

com.photo.android
1⤵
- Removes its main activity from the application launcher
- Tries to add a device administrator.
PID:4440

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads