Analysis
-
max time kernel
159s -
max time network
142s -
platform
android_x64 -
resource
android-x64-arm64-20240221-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system -
submitted
17-04-2024 22:00
Behavioral task
behavioral1
Sample
46c4692cc21ab9efd8968e62eba409e946f1469c85fdd3a0efc8ff4c0a7c5a62.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
46c4692cc21ab9efd8968e62eba409e946f1469c85fdd3a0efc8ff4c0a7c5a62.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
46c4692cc21ab9efd8968e62eba409e946f1469c85fdd3a0efc8ff4c0a7c5a62.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
46c4692cc21ab9efd8968e62eba409e946f1469c85fdd3a0efc8ff4c0a7c5a62.apk
-
Size
764KB
-
MD5
89aaa304c5c4c966329d6bb083311d07
-
SHA1
4d5454fce70893d2b9ff72e196c5ac3114f9be6d
-
SHA256
46c4692cc21ab9efd8968e62eba409e946f1469c85fdd3a0efc8ff4c0a7c5a62
-
SHA512
0c7e238e9ffb2c8d46c01e316089da59be7c156246df04127a2935cf6357320d4d5574557b25a8449ff55606099fb51712845653be6ebc601343bdde116eeaa6
-
SSDEEP
12288:cdCMva1a8LVehS0MA5Btp5WmpYshXZPbGwidNpglF1:c5a1aKeh7Mktp5WmD9idNpa
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 1 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch