058de750a4a2402104e4bd22179f8432050c98ea88b5bfec2f065f6dc2a950f9

Analysis

max time kernel
179s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
17-05-2024 18:18

Target

058de750a4a2402104e4bd22179f8432050c98ea88b5bfec2f065f6dc2a950f9.apk
Size

1.7MB
MD5

355be1a192a99533fe8a429f8670cdf2
SHA1

a1db1705447533a02a1f90d8bc4e1a1a4eb5d832
SHA256

058de750a4a2402104e4bd22179f8432050c98ea88b5bfec2f065f6dc2a950f9
SHA512

c71d382164c7f39e1c8f4e4a1ff9bf802a8a289ea81791119a46d0f08b34fc893520da227947e2f5a2e7fc2bf3e25d0cdcd000501262f6bd2f1eb0ef14b1e124
SSDEEP

49152:/12xwG4bZ7Fh0a+AjtI/gyrMvZSXiKeW7G6QaQR6VTfNG:t2xsZZhx9jyCo/HSIb7M

Score

8^/10

Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Input Injection

Screen Capture

Keylogging

GUI Input Capture

Processes:

gover.may.murder

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	gover.may.murder

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

gover.may.murder

description ioc process

Framework API call javax.crypto.Cipher.doFinal gover.may.murder