6a775c7d85f5caa06e9e8a09aca77bedf597f953c1bc0309e53f29a1097d7afe

Analysis

max time kernel
178s
max time network
180s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
20-05-2024 20:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

15be150e6bc0434a9fc865eefe840990d57fb63cb078c19abc45f79adf587f3b.apk
Size

765KB
MD5

f348eaec5ad5c7fa51b0d0abb6d50cea
SHA1

a3d32e31451414db26b224e1f4900c5bb7d5350d
SHA256

15be150e6bc0434a9fc865eefe840990d57fb63cb078c19abc45f79adf587f3b
SHA512

d5c9c1140634c3af8562dd7001eadd12852b84235c02570e7bc2d8bff74b2beb7b0059a229a3a5db2caab9584cd67e7fb0d9e5eb42ef733394bec4ad97b80ce5
SSDEEP

12288:9BBZRvSaqKGkMzIlO5WmpYshXZPbGwidNpga:nBZR7qKXMzIlO5WmD9idNpd

Score

8^/10

banker discovery evasion persistence stealth trojan

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Removes its main activity from the application launcher 1 TTPs 1 IoCs
stealth trojan evasion

T1628.001

Processes:

cmf0.c3b5bm90zq.patch

pid process

4216 cmf0.c3b5bm90zq.patch
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Framework service call android.app.IActivityManager.registerReceiver cmf0.c3b5bm90zq.patch
Requests enabling of the accessibility settings. 1 IoCs

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch

pid	process
4216	cmf0.c3b5bm90zq.patch

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	cmf0.c3b5bm90zq.patch

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	cmf0.c3b5bm90zq.patch

cmf0.c3b5bm90zq.patch
1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Requests enabling of the accessibility settings.
PID:4216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
52B

MD5
23f8a84c02cadceb6fefd2aed268d9d9

SHA1
b4098f652b165bffe042bf8610dd53e385a7b71a

SHA256
79610bf68e25fc282dc89bbc604fc618ef60557156d3416369e131d34e74bd75

SHA512
e3e2907f70f60c3901e79f590278679c2f8df2bb00d96303950d513d4a99f4791e9e24d5fe40661ac247dd7609ce1bc0ffd84ff5a2dc9ddeaabf03660c1f7cb5

Download Submit
/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
57B

MD5
c3033097a704a34e5a27d81caeebe2d4

SHA1
0560ca9ed0aaa5dcea2a3d97e216ecfa06830db4

SHA256
5e36b97ea92ebdf64b2bfc977c63ce35d618494212d153407d43187ee6541da1

SHA512
b2135ff6cbe5a294dcb0fcffd28e00d384b045cc00e7f0ce9b1c5510c710df917647a698da0fdc49e504e28bfcf5f16052e0338afadf23527de5a2a498c05534

Download Submit
/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
61B

MD5
2bd2322352980802f95b55d9f8bfe2ad

SHA1
2c31e237c7c997e7fe934b2ac3c1beb9fcc54c71

SHA256
e61dc3832f1059ca8ec389c8033b75fef6d2ee066da4841c732c5054f8637b9d

SHA512
e3b76212e02ec3e3882ba26d2237902c3e41d66db444d93e2ef54166ae9d93151bd9a50243dd5befdc2460b8286d0d70d49c84e378928c283ca7cc5e1d263f2b

Download Submit
/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
63B

MD5
ed63b5e206598e2bba05fa2dcf56172d

SHA1
a4ad0a7b00aaaebc7c303f4eba669b3dbcb614f9

SHA256
42df9801c4b40b72e78765e8435d020c6cb4228bce26acdc15cca09a3df4682a

SHA512
3cabbcb3c5172df683c129a57cdbef43b35c6e32f27c98136ee7099866edec26322eddcec32497cba7f98941f1e894f67356289c715a49e2f75ee2ac5c8ae0be

Download Submit
/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
219B

MD5
d0fb24fb310967c59d7ed0b0e3c9022c

SHA1
c53d517e105f314f5f06581d64a7b0fcb0c01992

SHA256
299c9c8e6482fdaa5d51e557df3ce23e1743cc81da7d503d2ea9acabe2d1016c

SHA512
b17c4952353285ebf0198eb6f6ee2b7156c96a0283908559a08bc6332dfe8a8c2ec54269fd529cc4f06376a0061e51b6ca5306be893b2158614c17ac0146641d

Download Submit
/storage/emulated/0/GroupMe/config20-05-2024.log
Filesize
262B

MD5
4237207587d0364fa5ab61ae8b2e26bb

SHA1
97fcc69e7fdfc678e0452c6310bf3d3b8300d23c

SHA256
a57a15927baa117879f60733224511329d2f188033209f2624d8660cd354aa74

SHA512
f529cc1bb48f4f8aaa6600d2a773e2211c73a1e89974aea30629b028861bc3842af7997eef8b86ec865e4244500cc1da0b23a5aa0419ebd694ff8e817002130c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads