ce7e96453d0085eb1b41dd88d5cec1469693edf01ede55ae91c150bb673b7554

Analysis

max time kernel
120s
max time network
136s
platform
android_x64
resource
android-x64-arm64-20240506-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240506-enlocale:en-usos:android-11-x64system
submitted
11/05/2024, 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ce7e96453d0085eb1b41dd88d5cec1469693edf01ede55ae91c150bb673b7554.apk
Size

2.1MB
MD5

b3ec4a29581fd5fdc8df403ffca6cf61
SHA1

e3ccc2d215a959ae9b23a7fabcef6b13372f3174
SHA256

ce7e96453d0085eb1b41dd88d5cec1469693edf01ede55ae91c150bb673b7554
SHA512

1e99e50cc58c9a273040aadc62c9eab6ef2012cdc3b19e7fac7ff54853c625a2e009ac53c8c91d4b0a0e525eb902918113e33b2548a043b38ec35fd39f122cfa
SSDEEP

24576:9SFClMQD0Wqu4tjgFsIxin4aoTo+J5jxtkUuQ0Rjs1aU1Vohl16iTbb3:gFClMQD8tjgFNTo+P/aRjjD

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4944

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
7239ff48abc27e02a4ad65d8d5931925

SHA1
8cf404878361d486316c13ecec7c79a0f4bf3021

SHA256
b8f6b5d6e9a609ad8d25a702ad660baa5fe8bca9d95b90d0f6ad2d7a34542bac

SHA512
3c8fb5a1d44737a7273e2fd915bfb65d475748d1574049f38d257211a97c8a404e08e4561a05d1144480e98bb77b32f668d354c22bcaff98cc7960d43bd113b5

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
4a74a79434c343d21f7cff7b29e9d5bb

SHA1
956ff588e6fa69dfca327d5b643c771a40ef289c

SHA256
79df26fc938f888a9127967705a52b8b71c53c0501b744b2f6e9467918a1cf94

SHA512
d5f20e6c1ce210a5e66c3fa65d9fe088cfdeb67c5fb6b2f98854c83c82d930d3f78d7e4c64cc093a6bc67e753aef6d0e3ef6a55f6a782981a19d401db0433f4f

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
663876f1bf2393d8c5ff125bb11efce3

SHA1
510f1a75c9b2160ba61013af6be5499b9947ec81

SHA256
676095640c7eb0d0e2828a0d48c9c4f5789eb67e92c850f368efce7a8eceaba6

SHA512
a6fb44893cca76bc6dbd55a5a89f4e0e39dfd764f173dbcdbbfc5083aaeba5fec93e5ac4decc293d439f30ac4e28a8cfef060aa45381413d922087cee5101ee9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads