abfbe0a094d8601da53cc5a1f6605bea08274790a43324f891a980a0d78981f0

Analysis

max time kernel
3s
max time network
39s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 20:53

Target

Victim_1.0.apk
Size

6.4MB
MD5

99d7ca57067e2e849d46a2f45d954ed8
SHA1

40d9cb4b63d4d158f9552a86bd4ea73734e2c9ea
SHA256

abfbe0a094d8601da53cc5a1f6605bea08274790a43324f891a980a0d78981f0
SHA512

e42dd6fc6188815a0448eb7142cc8364eb6bfafa5e5138a09ac4457a817594c0b40c7d34068a9f4d25fc6132db15c863bccf625e0b5b6317f14112697ef8e226
SSDEEP

98304:TKgMZWQrzM1tGP+Srhgi11l+94hXo7iHtc0BxO7du4n+ddn6bKhaTlU7o7Bk8UoB:GxM109R14yeiNjxvn/eU87doU

Score

8^/10

Requests accessing notifications (often used to intercept notifications before users become aware). 1 TTPs 1 IoCs
collection credential_access

T1517

Processes:

com.my.victim

description ioc process

Intent action android.settings.ACTION_NOTIFICATION_LISTENER_SETTINGS com.my.victim
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
collection

T1409

Processes:

com.my.victim

description ioc process

Framework service call android.accounts.IAccountManager.getAccounts com.my.victim
Reads the contacts stored on the device. 1 TTPs 1 IoCs
collection

T1636.003

Processes:

com.my.victim

description ioc process

URI accessed for read content://com.android.contacts/data/phones com.my.victim
Reads the content of the SMS messages. 1 TTPs 1 IoCs
collection

T1636.004

Processes:

com.my.victim

description ioc process

URI accessed for read content://sms/ com.my.victim
Reads the content of the call log. 1 TTPs 1 IoCs
collection

T1636.002

Processes:

com.my.victim

description ioc process

URI accessed for read content://call_log/calls com.my.victim
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.my.victim

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.my.victim

description	ioc	process
Intent action	android.settings.ACTION_NOTIFICATION_LISTENER_SETTINGS	com.my.victim

description	ioc	process
Framework service call	android.accounts.IAccountManager.getAccounts	com.my.victim

description	ioc	process
URI accessed for read	content://com.android.contacts/data/phones	com.my.victim

description	ioc	process
URI accessed for read	content://sms/	com.my.victim

description	ioc	process
URI accessed for read	content://call_log/calls	com.my.victim

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.my.victim

/data/data/com.my.victim/app_sslcache/hayam-239f3-default-rtdb.firebaseio.com.443
Filesize
8KB

MD5
1befae9a1f0d05b01c76c2704be4e752

SHA1
49c421c3c87e9e93e4094a4270973890707aa8e5

SHA256
f04ab03943d298d446971d164a351d33b8493ad6b8bd1c085d0e5a2f074c3ab2

SHA512
9e97efc2f3ad4d6a789f3ff15f04f7c151372d85eb9b1ebbadd51a25e84db336d39d514e75a687469a3e5a725d55738f11e7a763ebea09e3dba976c81cf3fb7e

Download Submit