8f5e217c3f0b851c992dd53d2b1d5dca67f9a800e31be642168a0cca59fcc67c

Analysis

max time kernel
175s
max time network
135s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
23-05-2024 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f5e217c3f0b851c992dd53d2b1d5dca67f9a800e31be642168a0cca59fcc67c.apk
Size

1.9MB
MD5

bcb21fd950a595d6d55c28c2a55de6d9
SHA1

c5f228e10b8d95574b05be845adc25a7fe23b3fa
SHA256

8f5e217c3f0b851c992dd53d2b1d5dca67f9a800e31be642168a0cca59fcc67c
SHA512

6053e42199e1a60926c73246388d3fbfb70edd97f201f38c114583f3a69b5426b16e134c974cd45b8c172a13136598a6172a8ffa7c8e435402fc4dc183af276a
SSDEEP

24576:tY1eMNik15tH0tY62oTGes2PfZ543XQowakBjiMope7ufc7V1jf8cauHRO1W0RKQ:tY157tHnOpPR5agJxBeMo6Z1aR

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

T1516

T1513

T1417.001

T1417.002

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
dfc0ca1429a587f2d4113fed9653ce29

SHA1
d414df2db609939ad36955e3ec88ce8b1e0b6bd4

SHA256
464ad1fb8544c730201ffb6fa1415770b15dd0fb1cf5c9435287487a37f0aa9d

SHA512
45a6e434be46e2bf24af1ec5d967d70414fa5ce6bdb6d300c66b056da393083dc8d4f5933beb99d53f48d8b857d9ff5b834a99e5da32ab61faa7c93cb344cc83

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
fbc31b25fe8936eac3c3e4665cb3d518

SHA1
2a5a88cccdcf8d48f86ec129ecc6364b5084aed8

SHA256
744495bf5799bd99795187333fb6b20abc2de7729160ede8e769f73d628616a0

SHA512
e9f50d40eb59d168de916ff080ca662eea2e3ccaff95e134902771c2d27ddfad4f808605682718b4384f074a0f4a9f6ed6d5409ab99a04839b5a1772a0aaee39

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
80b860cd51c06ec51cb88e81f5502ef7

SHA1
6477b76c320c9d935b43bdd7823a82e6088b1b6a

SHA256
d7bda263d7bff2be34821b360aee1498c1aca9aa213c7601ca33a1dd4ecb5f97

SHA512
c616c3cdba4e18f30961590009520f2faa89a356a0dacd71e2a22a41e8173e3f38963a909315e6a7760404c7c669ad678d315eedbfd40a8133019e1cbe4959f5

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
42ef1a1c029c8246d61ea524a03f30b1

SHA1
bf22842859898a85ac379efaac343f5036b3d1da

SHA256
8f46b9e07d11be00805d749bcf110c61d055cf0c4d05fd1ecfbb9188200be37a

SHA512
dfff9824feda278dde66ce0976b2c7d92f3c81a1816371c3c6b7f4f746cf2fd04072b7fce9eb9686e00e70b462fa86f9ed9da631bc29bad670e209491baee92e

Download Submit