8b48c12522aad0a2125e71a08403e1c6590295de30a12b97e9c2404caba03d69

Analysis

max time kernel
179s
max time network
142s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
17-05-2024 18:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

31c1ae3e642515ca64656620f075e3ffd3258e9f.apk
Size

98KB
MD5

2ba22b1922de68634d7729175c29bf55
SHA1

31c1ae3e642515ca64656620f075e3ffd3258e9f
SHA256

8b48c12522aad0a2125e71a08403e1c6590295de30a12b97e9c2404caba03d69
SHA512

42bef73a04c222311754002ae412ff277b39f9cae26b73cffd1f0d765d3adfdcce761caba93f4a31ee1f767bb5ebfa7da55fe8ffe5b0b155c467d438b400de8d
SSDEEP

3072:qfpK46Ft0qPtsxaQCb2SuT6mKOzJv7L0wH:qfk4feAyZJmKOzJjL0o

Score

8^/10

evasion persistence stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4558	package.name.suffix

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	package.name.suffix

Requests dangerous framework permissions 4 IoCs

description	ioc
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

package.name.suffix
1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's foreground persistence service
PID:4558

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/.apk.apk

Filesize
75KB

MD5
a1a86552141bda3b9713014780192a11

SHA1
134b53eb8b772f752ae4019b5f9b660c780e7773

SHA256
a16ff645695e230b9188b80829c021c44d2a80a2bb904dac2f6e96d981943502

SHA512
deb8b634f3724d52edf65875ab5e11c01b1406a684d9b57e87de11b0918f78a17fcde0a9dcfc4b08709ebc3851327670bf792fefae523cd972c5fc7318aa54c2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads