Overview

overview

10

Static

static

10

b44418f7d4...56.apk

android-9-x86

8

b44418f7d4...56.apk

android-10-x64

8

b44418f7d4...56.apk

android-11-x64

8

Analysis

  • max time kernel
    153s
  • max time network
    143s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    30-04-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b44418f7d4ed2879ec9e3ea38ff483226b98547920df33ec59589cd92dd26556.apk

  • Size

    760KB

  • MD5

    e22b4b25203e833480be0b3216563d29

  • SHA1

    8c457e5565e468e383135de6c917e1e209043dff

  • SHA256

    b44418f7d4ed2879ec9e3ea38ff483226b98547920df33ec59589cd92dd26556

  • SHA512

    e7cadb690bb51a073b660e4ed929ed368bcab2767fb91b1e9266da4faa93f0f4dac056bd28901a9793cdc810406f32c4aef977af928df092cde6e5f1d4e9b139

  • SSDEEP

    12288:ykYArmga1a8LdecdOcc0Ft5WmpYshXZPbGwidNpgDP:ykYia1a6ecRc0Ft5WmD9idNpGP

Score
8/10
bankerdiscoveryevasionimpactpersistenceprivilege_escalation

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Tries to add a device administrator. 2 TTPs 1 IoCs
    privilege_escalationimpact

Processes

  • cmf0.c3b5bm90zq.patch
    1⤵
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Tries to add a device administrator.
    PID:4373

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads