7f462387a033f6bc4956c1d7d93ded7989594370f5b43864a98452872bd1410a

Analysis

max time kernel
132s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7f462387a033f6bc4956c1d7d93ded7989594370f5b43864a98452872bd1410a.apk
Size

2.2MB
MD5

f27c853c9837498a21cdd0df6f13a3da
SHA1

a03e8ce1eb3a07d48f078c1d20b2fc65d62e136c
SHA256

7f462387a033f6bc4956c1d7d93ded7989594370f5b43864a98452872bd1410a
SHA512

4667453f4d5286247761a56bdbc0096ebb50802def4d620a584435e861d4192c5e2f6ca5282f7425ff924415152712a2e5dad6a991974d5b4315928b5a9c5428
SSDEEP

24576:pAFClMQsICbjS4Nt+L12nkNPbCnsV57AmOIw15Ki8MjvNjiXJmcI4HwkAdFMpdH1:aFClMQvb4mxqoPCya5R8M7RuQaQ+sjC

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

T1516

T1513

T1417.001

T1417.002

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4326

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
8c929a21995a39db75a8e6a71b8b1e6b

SHA1
84719358d27171ae8bd0abb4dde09beaa9717b65

SHA256
ba6f7f895170dfa72c41eb24ebafc36ca9ec9a89fd03356b697de597ed7cd23a

SHA512
0405313db7bf7640d767f9a209bb6fe6cf87360e6a00d8131cf2c214fd87034200b81d7bab3f959f11191c009d72840769a3901219e250b39742d5ddf118fbf4

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
579f2ee83221dc8eb6b46d45d75524a4

SHA1
915e175be0ffb9f258faceade190369ff5255ff4

SHA256
650ef30492c79396e0c26403822f216e0f19a87140966cf2c8e7f449001264c1

SHA512
59fe3338e751ca822b7d3c05b1f2d4f32839644d7d562fa64a3972a50399112ad74229b8995df19418c232dabc326373d7090b14bc87f0d2391c09fd12341a5e

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
c5410007912e083bffefd5b76e40224d

SHA1
1d43645fd076f75df13f430b5441d028778fbfa0

SHA256
cb770f333013f854842d25c5b29b8ad849d7a3b2352244d29814e2e2c3f678dd

SHA512
10d320eeed77d581b088966c620a3b9d45b2249782988469857ef42a352bbc2d183a18adefcb79725b58bb9d24e63e0096d32ebc8c6612e96ff32712b9ea43b9

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
cd3365aefae0b2920a5b10f33d3b90f2

SHA1
ce33563e19f85ef8f952182da2d606bbf364b47c

SHA256
a9f681cdf74ae3d09d290b1328452cb15e48e7f4b9df96646ddf992a4c6a389b

SHA512
a4654c29f30fee01807189c7ed2571bbac1c4ed94ef6324964fbf6da5180162cd1646c31b8a636ab63fbabc437f8cd814d23b3043c3fea8d9bcafee5dd43907a

Download Submit