da435693eef56a630261db9552b3c1edcd5cfd7ee75bc141a75d6593b9d6ac59

Analysis

max time kernel
113s
max time network
119s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 21:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

keymapper-2.6.0.apk
Size

5.2MB
MD5

60a715d72821705e44b0e4da6bf6b477
SHA1

a041fdee1cee8f57db6fce0460a6af2fab072aa8
SHA256

da435693eef56a630261db9552b3c1edcd5cfd7ee75bc141a75d6593b9d6ac59
SHA512

e388ec947e0305d8384828ab287b081baaad9f488fdaff5b2a768beae9b81d3d2e0176c17cda2e1ea36cd90d1f81bcf936ae1edb42079b63e0c95fb3cb7b7f75
SSDEEP

49152:+cu5jgLBXkJ9xZyfCGTjSP4F0yEdCrslHtg5V7XaBuwV+cHZaGxETDvegDmKqmnm:05Us9xwfZF9EdCY9p5aGWT9n2ofrt+Ic

Score

8^/10

banker discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

io.github.sds100.keymapper

description ioc process

Framework service call android.app.IActivityManager.registerReceiver io.github.sds100.keymapper
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
evasion

User Evasion
T1628.002

Processes:

io.github.sds100.keymapper

description ioc process

Intent action android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS io.github.sds100.keymapper
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

io.github.sds100.keymapper

description ioc process

Framework service call android.app.job.IJobScheduler.schedule io.github.sds100.keymapper

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	io.github.sds100.keymapper

description	ioc	process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	io.github.sds100.keymapper

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	io.github.sds100.keymapper

io.github.sds100.keymapper
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Schedules tasks to execute at a specified time
PID:4261

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/io.github.sds100.keymapper/databases/key_map_database-journal

Filesize
512B

MD5
7968da13f2d149fe1aff39e2972b50e6

SHA1
97095b00f57595a1f94dcc5eaeedce9097a480c9

SHA256
54310853c56cd69bb506150b18d0302e3fb6453a2729e65202ff19a899d9dd4e

SHA512
d5ad1134ea818463c32f298c49309aec017e0a1b8bc465cc0b73f2c8c2941176ce0dcabb504cdf61e3bf861d1609938af9efa444631eca27566b12aecd975e20

Download Submit
/data/data/io.github.sds100.keymapper/databases/key_map_database-wal

Filesize
16KB

MD5
1bee66c2a38a6926beed45d0a4640bfe

SHA1
faf0409d29fd505f6c09a5d29666544f0cd7c24c

SHA256
a95e7b6d7a2412a53180bfc2987cccc5c225e767c849f85419d0ddf64be1938a

SHA512
f8fcf9dcabebac35ac1a9aa91371cfdb656f9925e1d663d09d7844abcf9e992f97f7c5d37e0cddf13148ef3cb0a486d344bcd74c8f86aefb21186fa485bc1df2

Download Submit
/data/data/io.github.sds100.keymapper/databases/key_map_database-wal

Filesize
44KB

MD5
82e63aaf6e8ec2a96efee6b08661a48a

SHA1
8b231eaec08386ceb4c57a14fb1fc7ee795d1551

SHA256
989cded278f23afda6aa398bea10d8f2f52b41b7f85e5d550d546c3f4962c08d

SHA512
df8ced56c7978226782bb2f990947b9490de646f8a46c73e64169fedbb4ffcbfd104250dfdca65b8276a2b8a7b68c3dce038bfd1f4cd660a20534f9b37bbcadc

Download Submit
/data/data/io.github.sds100.keymapper/databases/key_map_database-wal

Filesize
76KB

MD5
71fff12bd7802f141f222084bbdfe59b

SHA1
7edb266becde16a37d653035fe38b9ba0a220a00

SHA256
469b7cdea3aa2c5f0a822136eb8144629bf85ddbcfaf551a2f34baeb04c79f21

SHA512
330e17018a711723414d30c10c6f3a1c522f838a50194f3dd558e832fd72aea6a01f8fe266f8d58d3a0b58e15126e6458e1a578c8af702f3b85c3eb71460d782

Download Submit
/data/data/io.github.sds100.keymapper/databases/key_map_database-wal

Filesize
80KB

MD5
3bdd7b5671bb1ba14224a8f95f1481c5

SHA1
1be099adfe8e03b6dc7cad187623147854a3ef79

SHA256
42bd5b4376228d511bf07605779a8e9b3356beda906944b891458a5cbcf0e212

SHA512
ca9fdf2b5b624ef2a9f225945351dbfdd2f6b6efe9d31837696a5ba01805094cae9128e83782ff575e51b78c33e8b403908defeacfb504e346fbe20cc7902808

Download Submit
/data/data/io.github.sds100.keymapper/databases/key_map_database-wal

Filesize
169KB

MD5
940aef8450f103dc201409e05dffd320

SHA1
6010cbf7b67179e1f299f2517f5aa2e4c1f86825

SHA256
39751bd031331744aa77522719f26a4efda3ea550ef5da75499e847bee5fe7c9

SHA512
9ec0ede5b4435713e4f220356e7ef26f2ac553e6e03dbb6ce07f59367a80d60fad46ce73715232a58c071c4cf478457e40ab43e9622fec7eeb0fb938882764a3

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
38B

MD5
ca15f5a6e537d0a1de0cba97fd3a3fa2

SHA1
00b2e41d2a6a346d23ecf9bdd40f223056d08802

SHA256
5e03f5b35c1b6e3d53ef44fefa19a62f09344c3f6dc425f822e0a53248bf124f

SHA512
b31bda1c8ab9c6e8b986b4199a7fbbc6df3e229efd585794e6a68e588b220682a99a1bf519c5cd9df458a775bb9ca892cb81bf00fc47441f3be36cd4a7add103

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
86B

MD5
4e4c48326183e41bac86927d77b874f1

SHA1
888456e8aa3645c76495947206cc33a0d7d8b360

SHA256
366ccbfb5411bfb6b188044877a394fe8931733f2d008227ace02dbd1da7d367

SHA512
7ccc850f388734fcd737cf5096572690ea17cf69704675da15c9633ae03eb76211da11ca6e5f1049f54e1bc4c88896837a789152020115bad8818cd6185cb30e

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
135B

MD5
ee16000cf995285a9c0f6b6d02173dd3

SHA1
87ec1f6ffc7dd6490f652b193d6f03e3fe1607fa

SHA256
ee2480875bbde3089112eead38c77215c9370ef742f25ae387343af7ec4444c7

SHA512
9175297c37711aa9df18c2e09599c42321190b952e9d04a0b61c48b847306a66f4be3c6d6827276e10338afe72c1106841eb3e4ee4815abe32d66416074e5789

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
158B

MD5
f483513c2ea0f3580e4b8f396efa0a45

SHA1
10d85ef6bf84d40d8f967e83169fafd8ab97bbe1

SHA256
61783b6305b99bf2d9e498218d9c9787075bc43342cc0df73041429ed9d360af

SHA512
d0115785b8e3bccc7ac7a5066b2ebc6f97994a9eac41ef09b7489066cc36991380e641fa69de5ba4fdf52531403715e5fd5f958cafac02e8053f0a6a0c440c7b

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
200B

MD5
63ca5019393def0b2c3a0b7a71036270

SHA1
425c3794527b2ab22b2fc86068ef298dd0fcbf3c

SHA256
41e137f694ea76ed2504d6d6e2f0c6e1f53028a2a1122db33e92bed64db9382e

SHA512
3056b20032d2a6f044851aa66f3b711fb48b6c380a23415cbf65475078d0250344aaa577e1bd084627076ba9003c337c59a41cfc5dbd17a73612e6ebd1dad399

Download Submit
/data/data/io.github.sds100.keymapper/files/datastore/preferences.preferences_pb.tmp

Filesize
236B

MD5
61cee7b63561cfb7a20444d6b4811f8f

SHA1
551401affff8b80f84abbbf6ac211eb277d8120e

SHA256
28b26c957878884978b9fbd971976db6793f12b306e992bf67e6f100223f7226

SHA512
56a70e6c5d5fd96f375ed6810a92b6ba432c175e0d15ab6eca2c0ccdbd5687342c1c663efa5dcc43e8b9206b097737b6d0dae694ea92423c059f0654796723a6

Download Submit
/data/data/io.github.sds100.keymapper/files/profileInstalled

Filesize
24B

MD5
75d3154f9e9cd76013e03e19dcd9592e

SHA1
676650745a29b4c933fe1d096286b3613f674418

SHA256
e718b442c999c9c65ce0505cfc815a917d04c338425fa428a153e766055aef4a

SHA512
93e3384726673978487a0f0febb64ec5a340b56b2a9c622253138c7c2d26250169142415a70dd0bcfb5779f2198ec4958a8211534f3cec59abbac2b02da80e33

Download Submit
/data/data/io.github.sds100.keymapper/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
92bb44a26dc5591ee6cf0fab7212bcf0

SHA1
659ec517b251deeb80712fef42bd8564a42da7ee

SHA256
25f3867cc691ae21cd3f48b0bb3f87fff1dbd3afe3cbd2c11985d5d84001ce30

SHA512
9591587dc052760c5059decf3afc65603104c321d92214360b22f9709f89a58918d88a523ebd3805433b1c9f9528cb81a5baae44239842d6c380b3ad5a90c44c

Download Submit
/data/data/io.github.sds100.keymapper/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/io.github.sds100.keymapper/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
7e6307b008ad28f04ac7e1b3ab82f1e8

SHA1
8ad57f6f28e38f1e218f08dfc59c28bcfc51d4c6

SHA256
464e9039ea75b38e320346715e4c52af1da0588ddc16373af3e963211f5ed565

SHA512
aaff2f96fd75bd50ad76cabd7d5d178bca07d9320a018e84ad384194dbe53e5e20983179678c328a12c4cd07f4966e097fd1fb855749231b5fc7548b5c238e16

Download Submit
/data/data/io.github.sds100.keymapper/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/io.github.sds100.keymapper/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
476b028d90c83f03e90ce46d30c0ca8b

SHA1
fd604bae8b6ce273f507190e06f1134431997968

SHA256
fef9eb8c52093af0c3bd574fd90d0b8ac7c0d48207c89c1d616ff2c69de829a2

SHA512
95aea3d8e9923c6a1873ee25653258023607b7f395371db243dffc3502e217fdb1bef6d3f342bf91e09e289cbd70735a5ed4236890ae9476adcbac20f12921b1

Download Submit
/data/data/io.github.sds100.keymapper/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
fb26983ee36254f5566cdc192334c951

SHA1
df240703ed6808987cf1d19f25b39edcfde81ad2

SHA256
1b5278b1384a9b3d809be07406fe8a0d37a55e3c52abda46f14160cd18f3b0af

SHA512
b2249eadf2d4a63c8e1fa7398102ca6b1f1642233365368e37a0b456d013320db5170a888c6ad85c03b661b8ebe56f029424318a0feaf70151050f2802aed1b1

Download Submit
/data/misc/profiles/cur/0/io.github.sds100.keymapper/primary.prof

Filesize
1KB

MD5
759d465fbbe7c643f07fdcce50902d81

SHA1
50b53ab94cdfac7561f17ab0295c5587033a7324

SHA256
659e9e083e65e36536e992e4a11c9c59c89dfe2839438223c817c15309ce5dd0

SHA512
fe59ec7646db52f6fa1827f67abb7759dadb0cd73212ca8bf12d50c469b0b359a589c458d720631ffcc795ea4ae9f3cefe6774be56c7d6922be063c931b0b74b

Download Submit
/data/misc/profiles/cur/0/io.github.sds100.keymapper/primary.prof

Filesize
14KB

MD5
3989a4961aea94513636574e3b9a0570

SHA1
8eb8729ec9af453aafe33aca7390dc95b6ddf1df

SHA256
a5e940c98e6a0798377e50cc0002434234f0f2e2c4012683b86cf5be4fe684c2

SHA512
9d957dcae1b061bcb4990d06752535be717b993e7d41783c87d9aca121ad1170b99089fdfc78d41898fb3776bf2b4403c51ba3a3cce1c232c5699243cbed49af

Download Submit
/data/misc/profiles/cur/0/io.github.sds100.keymapper/primary.prof

Filesize
17KB

MD5
dde519df14b91dd41e6b9ffd731946de

SHA1
e09cdd3c7f42b65898ffb95f2f832d6822dc64c2

SHA256
3e831474933fccda6f25d952eb553d43f06c44372bfd2bc3f33caa9d867067f9

SHA512
d9e411ee89d932c623f7cff407112ada30e0e4cd3e91aedf9673c91572bda598f93d8f8cb7c1306675a0611e7d5173c35ee44c231ddf12d1edeb757ffdb851ff

Download Submit