c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440

Analysis

max time kernel
48s
max time network
149s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10-04-2024 14:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440.apk
Size

7.0MB
MD5

241b578fe963ad199fd5bdc0bb50f4ca
SHA1

3a9fe80e346356dd1b7a12765fc941f7d584d943
SHA256

c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440
SHA512

52e6d4a9164480af0f3c3d5e08d85d25054ccb2f6ac57bf7db7ea4f0c8b9a60a2829ac4e7310822e289fa8ee4d25d9b4146014681ef16cb404ed2a03cf2d5e62
SSDEEP

196608:p8/u+xgCR1D6Du6gUxL8wLszeEvf/QuN707b:aG+HD6yJUx9LnG70f

Score

7^/10

collection discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.systemgui

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.android.systemgui

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.android.systemgui

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.android.systemgui

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.android.systemgui

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.android.systemgui

Checks the presence of a debugger
evasion

com.android.systemgui
1⤵
- Checks memory information
- Makes use of the framework's foreground persistence service
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Requests enabling of the accessibility settings.
- Acquires the wake lock
PID:4471

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.android.systemgui/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
f8321fdd39e2f1b740d24da004438e4a

SHA1
187708fc47f78788e6899019509e7c89a87f2a73

SHA256
0a589f3f48dc43acb09d4b3cba5251a224bea5ee914b91cdb1777c9d7d4d5883

SHA512
3aeeda37869a280a91cc5f0899fcc215f483c0e1692f078a4713637d786a12b98933c5d09b5a6c421a2f74b18c9c8af1237eaa9d087e51d3ee1037fc634ba69c

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
1951805f3f07fb20fb0c04ff195e015a

SHA1
d93c8462c262840b19929bca777d7e7c279736bd

SHA256
bef4f9c4fd3e19bf04608fd36650406b75d2b1409bfb8e95d58ff201926303fd

SHA512
da2bc1902de8791430e26fb20bf0b919813de62b15d372b53ccccc133406d4fbc9b60c24b50f327a3fe773ac0a83061841a09b2d3421d665065aa76b2939fefa

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d0720838d35bce4eaf413d76561d636e

SHA1
8e520f34d6eb636495bf0f0c6ee476c3886cc71d

SHA256
a83a82fe708d6509e69f61592d6ec017ab7db7b7e1e763483d5ddff3c9583598

SHA512
f00f04ba9dc303d14e34a953624a02e808efdd5f1767e24fdc248a5a09bf0d933846874e5fe90621138a670cb962d1091e50bd472cc4c86822949c8a5e443437

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
aff94c85d178df8f1448692bdde2544e

SHA1
c832f3ce270da4cb23c6a02b66122b2382cd65c6

SHA256
366dc148274ebc8684235ce9e46b7cc1f388bbe0f16d9a6bb55f0137a090aa83

SHA512
c56a84b904e9c7e4c802754af917874bf54ae6eb97579a819bd0d932b5e26d10d0fda010576eae271ca701f527804386bbed548a0825f39eaa261ce5504e188b

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
688b48fe26083f089aa7f0c0dfcf8001

SHA1
34996c13357b5760a11c7fe1184574434b600b7a

SHA256
8e8b9deb5f84be821627c86196e343d628a64b3136a34a4dbb49e681208362cf

SHA512
3d82808b2d0c8b923f177315e113ecdab39dcc3f08b23b2e412545361cfa8074639dc128d4543679ce8a4b2d5a2fa3e9eedb87759189fe3790b94ff9f832c4d4

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1a949ef4821cb674860607bab3fc0474

SHA1
e390bdcd9fdd0607176dd6d13cec12d2ddf23930

SHA256
fb3a94ebaa25e1620eb1fcae755b1f47175e8070e1099ab5b30d68977508f2af

SHA512
d848ea4d565185015b6ff2dd8d1b0918179b9238c08a81bdf5227a36c416489986958519395ae19d5e0f04bff0305ca2e247013f080fafba0a878ca98e5aa5f9

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8f29a4e9d44306369670435b466c24c5

SHA1
60f5f11cd1c6aa893cc3e688443b9e1f610abf08

SHA256
f3eed9b3202388682cc28bfa8801d47cf878479ea570c3bfbf29f1216c4b2c90

SHA512
26065da184dbd10ac2b9eaaed83226cac53503e8e18062610d87d59c4cb1b8ced7fdf1f2e8ca2be6f0bc3010c6fff1278992eb851f98cd63a5e13e55b154df5d

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6294db357c4e70a2da3617a629c4ae28

SHA1
eb6905241d2a5037ce6b1ff3794a59c71f9edaa6

SHA256
319d897ea2531dda90ba88bfd570f0a271dbfab929edb16bca76ca0641153c3b

SHA512
f2534956e06cbd34673dd99790bc5ea8bf765b63bff368b678884e71d6c182aa11fa64bd785c635ff20e1ed3711cad1b238f8211f5dd2b69b91abe54077a7c79

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
4d3473e03f1aed30177120c0278dbdd4

SHA1
a6a202fa1261cf9ad92b6743c40989316751b6b3

SHA256
ba777df33a7baeefc933c81d32249a6d335e645707007208ca4d9147f40e0aae

SHA512
113595a6357b05e542e2454baf6647bf518e7e8e0a0fd71773a67e738b942fe806cc7003640082f8475a16f267cca9d333a1d22452217bccc891381d057b7bd4

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b801ccdd83465839e12bfa9fa0af5f3e

SHA1
71b314f639d25e8ea710bad57a502c1e036457a6

SHA256
632ec1810aff76db7b3ff7cba13bb9a8158acfe94b8dfe11979c83389894aa2c

SHA512
ca94e7c8a24cf939eac939baa2050da237db5cfcf0a40f914ffcf8bcb1d0213efc0e6e7a5f9b58170ae4053f1003489bdeee663c4ebb8185fd86f64afc3aa177

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ec6dd3e17ecd1d7a5bf1a3a6f86f728b

SHA1
025bc1334e5c06f8337d68e489e3d2ac6aba9cdc

SHA256
d9e35f295d1f48d84f2815e6c3088eff2d84e75c66c259af9634d47be550baa8

SHA512
58a2ca1e1d831673aa503a37b24811ce6ca334dc51a2b7bacf0d674665971f3a9bf0d63bcb85725044f3cae711981722d6b0495d823c65a5bf7a746716cd5202

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3ad5ffec87211f7e6e7d2e7e56a00f66

SHA1
31129d8d2578f33a6486b81e7686f03459ac373d

SHA256
6f06c4c0b5acc981767112deadcb24658f9099e783aca54a3ebc4c0a5a7e3119

SHA512
712c095296b67c098706027bd22403ca3e85402aabe6960632f93a411906cc1d6e3175827b3e33463314178e1944dc3da3c804857fae546e868d19e7ed8dcdf8

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ecb0d2ccabcb367dd03e3d8525427077

SHA1
a7501d44ba5b0cb9d7903a69cc1b2c1156393f09

SHA256
36fb2baa66fe81c00eb304206d70086c7278a44dcf0e605ac5cf02a6943a581f

SHA512
3e866a80b674eaf65b36bf79bf2153ea832aaa8a74d8069328f2b57491d80af64e3eac055cf061f56425a052a501400f8d37e22876d75f6fac2e90e22c1c5a1a

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
75f338f6b1cfcee69166b823c6778eae

SHA1
87205904d65c0f2c100c52a04c37c0e29191a08f

SHA256
9b605a8edd7a20a0c9a945c5d66a3f47d9c4bc0ff305e6d673f24b83c0fa8dbb

SHA512
eaed295af2740b5ee567fb6622d9d5d68b662d8b3576fcaebf44d3d3d04acd1e8edb58181619fa887d333d076d66cdda5416bd9e2805726499410fdf3d3f2a92

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db-journal

Filesize
512B

MD5
67b374fa51b79fe8e838a513a7e14ec8

SHA1
1623a3b5443b6b4b04efd44b825c5874c2434716

SHA256
da8a18e94f04890952b5e9fadc905379705e20a111fdd958a0ee7bfe4f4fd7a3

SHA512
ed6c9fae95a63e7aa83e6ede6bad96a6bd6d7eaf6599efe7d9c26de67048a686aabc9dc4a9cc8a84d7268c2a938ec14a595afd2ab7d9b817ccb1e3c58633bb1d

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db-wal

Filesize
28KB

MD5
a77d0877e850cfa7ed49afb02e0c7358

SHA1
7065a42266e0d8ef6c027f27dd9eebb5d18b9e2a

SHA256
6416a85da708c2524843a15bcefaad10033e70923c7e0a26683c09cb4c244c15

SHA512
7a981ad134ed845c0295ada7bdcc9da5d47ca3453d0853c4c4d6127cdcac82316afb86ee3a47a1c81182e2af76320904bbf2c57d018759dfc37e4848850ed3c2

Download Submit
/data/data/com.android.systemgui/databases/user_database-journal

Filesize
512B

MD5
3c0538e422354c092c7f6497b7d16ddf

SHA1
6cbdaea4dbb05c718272119120ca738e8ce54686

SHA256
a26408c0917830c2f35a17f7684fe6b7149c812ec655068efdced0fc370ce1fc

SHA512
f0d508278ffa2b998ecde6d3d36af5defaf1036d61e3ef6d7c7168231c8941bb17e63e5be3d4e5350d29f590255df1d5fcd1906ebd3bb3e7032f8d5da5b7efe3

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
16KB

MD5
5d6bd546bff98a464b6cb67f7e6e3e6e

SHA1
77a75f8896528f8c63bbfd0e4950965ba02f66b9

SHA256
ad62a4ddad08ed3370d0e1579cfe1953babf56a44ca8b724559b83e73ceed427

SHA512
3cf8e25ffe5afe273cbfbc0fb41f39a30e56c4e828ef0433faf3e99dd18612a5e1f437957aed5bdef767bf2854bd6e3d00b64973fcb7de8c6d565ac3716efa7c

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
152KB

MD5
911782b73ec3fbc2c3fba7a6cbfc57ec

SHA1
4d75b5665a2b5573bec0e7f166584e5e3e874ce4

SHA256
919b141ce61ef3b84df9dbf9abc27dbb7a38228ba9ce2b9f9b3afda296e00d2f

SHA512
27f3d50a85f264ff835230217232b1c75660201faa9a3905e2830fdae4388b5f4286a4ed3be7b1739519afe80a416ce559054a1ed71c1e9b6e60cf4112ceda84

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
173KB

MD5
33dff8de592a5032683c8df3a54afad7

SHA1
9669c6abd0a3bde7124b695a326bd87fd66c799d

SHA256
eb850a93f7ea41ddf3f13cdbfd5c5cd963371961331ec1395eddd2e05c66e7c8

SHA512
a8a3708e78f7bef37e2beeedb00ec23884c8781386fdb276223c7802b7af8e25972afe9663434cfd3142e42898fbb7f3e03a0dd40d10b7b49cfa6bb21b84bea7

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66169C5C03C100011177004CE1713F6C.temp

Filesize
360B

MD5
44c2e94588272a141c9b3255401604de

SHA1
676ff1d646d0a0eec0f0b9a95a6a079a73344e72

SHA256
478f10b585dd9d3fb868f1b9c0e4583631c02aac7eabb642bf9ce9c0d1e97c8a

SHA512
fce2a66903e0e44bcfe35ff24ba7424d803068b82e70e27826e8f72b48b426c570573cf672983993a3b1ab36224172038ec5aa14c9a10048cdd387fd61d0bf1f

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66169C5C03C100011177004CE1713F6C.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/report-persistence/sessions/66169C5C03C100011177004CE1713F6C/report

Filesize
738B

MD5
7206fe852de2c7034a342aae86f576df

SHA1
e0514b2a887f6e53d851d6a845da095157019509

SHA256
92f231dfb43c925a2251d8eb2723c7e2ddc7d655087a04e45cc4606b4990c526

SHA512
05b075d35983654021ae061a821cb9456b69ece783684a648983e89179ed28ec3c5439be9901f03d8f00b4598b1cf1a9def6a7c87915b094e798e5db0e863e01

Download Submit
/data/data/com.android.systemgui/files/PersistedInstallation2773175046651300966tmp

Filesize
90B

MD5
967196d9ee1b2ad630b54e3e2620d732

SHA1
fbfea29c275b230beff4ca0191b3de259d0ac01b

SHA256
c92bc3c05f44f4ff3a5ef9a6b714548fb704255b0b6ccd8f99499c645fad907f

SHA512
fde0907a8ccca94a76cdbce96e9d493f01b3fbcbbc54fb38510e68b5292acce2a31ae04d5658184901189bc93be375efe6e29e02a5216ae13a2242cf786cfc05

Download Submit
/data/data/com.android.systemgui/files/PersistedInstallation7364650858393944495tmp

Filesize
114B

MD5
e85c892fc7e98c0559563e8eae7201c1

SHA1
1cc783e99119e7a3e3eab026c7aa9fda30172dca

SHA256
73e2799ef11d3e652ac62809cf0d57f38903b542a389e7979eddc671c7debdf1

SHA512
85bb3c9ecc84c9de744f7223b2f1deb71d916472ed10bacdf7e304fb3ad5b5c3ef68343097582359b88d8881e84d00a1748979ed65e21b2e67d13e14ce0b295e

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
d110394056145998bbfebe9f67f59c5f

SHA1
afcd45ca19313152294ac4cc0b9ca56b8dd0bc58

SHA256
b8ed55fae80fde5dce7c3be1f60df872d1cca9a655c5a51b0111cdb762841f42

SHA512
ab179a552015e26fc0feafc2a86d15aecde942059daf54db8798c30a53e4a79c6f4081be1c2b9a9891f0caf0bc8d0aaa6a425c5de9270b4a0194c43fe8fdf5dd

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
2c19ed325bd7d76358287185e912153e

SHA1
4dcbeb231af1273e57223ef5424f93862902ad26

SHA256
ebb00042e3327018395e1a4e64c9bb0f2482bdd424c67322b9b722b54595b188

SHA512
80290633722c4193d418d6541aacb22e2cf762234f1600821726b594ed96a07e78c3ea9cb9c71fa243580a33350b7264e6326c24b72ee87373149b6affa7c0b5

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
e51d79e62da7543cce14712983452ae0

SHA1
fe520edc988a54890d83514b0f84c20801f9a65a

SHA256
e4151db1ab6a6f08f7c1e5d9fbf3d92280dd054f3b35d158221e69f9f58b02d9

SHA512
c41e37d3b7fb5ef0dde0b32fb85a605e143303d94a1ccfc7966bf47559df2d0d0bbf06036799f9fe24ebd2b8843656752682c29ea774a4e744e671bea020bcbe

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
221KB

MD5
41c8ffc293f04aca436c6b9bee3eaba1

SHA1
c8d3108fefa44b23f433f0d7f85cf730ff7ee8c4

SHA256
2f865eb8ba997eb8835df1479a3e301685d963b401a73ceaf6446fc317aeba63

SHA512
493d04f2d452ebefb534d6fa8f891dc177c39018c813d4ec1867591383e503326edc8dd2898978fd97ae774a0ca16285182d6ce1db51fac485bffff89e77c7d1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads