Analysis
-
max time kernel
46s -
max time network
147s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system -
submitted
29-04-2024 05:07
Behavioral task
behavioral1
Sample
Gta.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
Gta.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
Gta.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
Gta.apk
-
Size
720KB
-
MD5
6b4a2a223eadda8e24b39456dfc51e71
-
SHA1
ad4cf20ad940ea309fbe8688407c4e4790ef2f3d
-
SHA256
1e7db2759852e04e2cbe3b68e7490489f561b46cd693e2fceb4a61c15a732b9d
-
SHA512
7d0585d3423b1e6a4f3f96201267debd05f36b720040c51e740dc1cc819c9458ac674b6bea402261956408a08d0503a39c8354f1e816141c8005c155bea0986e
-
SSDEEP
12288:/btZ7ieCoVBaUt+aLMwyJH9xwBZMIg4z/usT3cgtN0Fj2C6M6Rq21lgxStWD2t:/5cIVsaKZ9xwoIg4z/HT3SFjJ6MGNWLk
Malware Config
Signatures
-
Makes use of the framework's Accessibility service 4 TTPs 1 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.semi.translatordescription ioc process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.semi.translator -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.semi.translatordescription ioc process Framework service call android.app.IActivityManager.registerReceiver com.semi.translator
Processes
-
com.semi.translator1⤵
- Makes use of the framework's Accessibility service
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNC0yOQ== .txtFilesize
24B
MD529c9a7f7fd7bfc854dcea30683ef40a1
SHA164edc693130136957bd9053b5eee651912df6b9a
SHA2564e732bb8a01846ab7501f5847889eeb8b359acbc3ce5fc71d53a47d2a9ae0b6e
SHA51285285cef04719745b3bd622d158a8b718ee4d8c9e8ca29bb2e2891cf9547d48dc0c1b7430f90c53da8a478c2e36dd77e0910c7c5b668ba160fcfda6e31033900