Analysis
-
max time kernel
149s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system -
submitted
16-04-2024 22:00
Behavioral task
behavioral1
Sample
1ae5a4d05533ec92728e18c4a581aa2242463216f582021d547ccc30cf321ce1.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
1ae5a4d05533ec92728e18c4a581aa2242463216f582021d547ccc30cf321ce1.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
1ae5a4d05533ec92728e18c4a581aa2242463216f582021d547ccc30cf321ce1.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
1ae5a4d05533ec92728e18c4a581aa2242463216f582021d547ccc30cf321ce1.apk
-
Size
744KB
-
MD5
080532f5b557453a4625fd58094c0489
-
SHA1
794789af286c4fb0c27f21c0d4b20b868dca35ba
-
SHA256
1ae5a4d05533ec92728e18c4a581aa2242463216f582021d547ccc30cf321ce1
-
SHA512
65be02d25670750624fda58988987cee562ee19cfd70c0b4cb76a54e445ff0120f944ccda89dd799b9ea767c3b399a8f9f2c0dab5d8a45683bc88aad2fcdc872
-
SSDEEP
12288:usZmRGkBX0yh2+x6FQV/ISRkC8xLl8gJP1jAjD6Lr:usZmJSywW6KJISRkCul8gJPijm
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 1 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch