hxxps://github[.]com/evilthreads669966/EvilScreen/releases/download/1[.]0[.]1/evilscreen[.]apk

Resubmissions

28/04/2024, 04:47

240428-fe17fsgf71 7

28/04/2024, 04:44

240428-fc77zsgf4x 7

Analysis

max time kernel
19s
max time network
152s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
28/04/2024, 04:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/evilthreads669966/EvilScreen/releases/download/1.0.1/evilscreen.apk

Score

7^/10

collection discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://media/external/images/media	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
- Reads the content of photos stored on the user's device.
PID:5021

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Data from Local System

T1533

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.android.chrome/files/Download/.com.google.Chrome.kNtM6P

Filesize
1.5MB

MD5
146acbcd022c12a815a08aaf0015adb1

SHA1
e2fc3ee020f8748f3e64643a5610ea437711363f

SHA256
cb75ec0b53d09ddad5763d3d93aca271ecdcf5416220e1c12eec20a3b441e135

SHA512
8422143ec54997032838780a3223e01cdd233fc581d08f5e33eb1dbcfbf9de858e053a1926e7fda11c18dc7b0a0f718e7ad8dca9580bc449d29c0ba2b30a65cd

Download Submit
/storage/emulated/0/Android/data/com.android.chrome/files/Download/Unconfirmed 668578.crdownload

Filesize
1.7MB

MD5
61bfb2f5abc9bb58e807b7ecc512470e

SHA1
867ffe43d5a2f4105b4123aebe318852e0b1a398

SHA256
23362274f222e31ee97317f88c660e6e367aeebfb217e2659cc02da3f47ff5f5

SHA512
38396b7caa37f3fa875cad7a22823a8762806df53c2aba4badf733dd271b5e2d2c0a4a7f34c58ef8f76b2d3b1e7f64ed7908eeedea6dae6996be5978b32ce368

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads