Resubmissions
23-05-2024 07:38
240523-jgwxashg5y 723-05-2024 07:03
240523-hvttesha21 723-05-2024 06:23
240523-g5t2hagc61 722-05-2024 03:55
240522-ehay1abe3w 7Analysis
-
max time kernel
610s -
max time network
628s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system -
submitted
23-05-2024 06:23
Static task
static1
Behavioral task
behavioral1
Sample
CANARA BANK AADHAR KYC.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral2
Sample
CANARA BANK AADHAR KYC.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
CANARA BANK AADHAR KYC.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
CANARA BANK AADHAR KYC.apk
Resource
android-x86-arm-20240514-en
General
-
Target
CANARA BANK AADHAR KYC.apk
-
Size
5.1MB
-
MD5
d90a6ead45b6e5149c7c64217cca51ac
-
SHA1
47b658b064cf3fad14194dced9145ef33b2bf897
-
SHA256
afec45c1051376d3e8fc57ed5bbe33cb619ab71c88ee20920bb1384ee5c6ea54
-
SHA512
59ec7e7ecb83e0e29959ee74e278b4944b2bb2cba9107f159c93063464af2da92427b0391ba033a3c4caa3ba327032e2922d57f2ed507a513f1c0e44daace85f
-
SSDEEP
98304:XKMrJZC1oPBy7ESY173tT9dXKzr0kqqy7jtLtqHgwX3PmMLtuxMDyICcLcOT:aM7oETtTXEgkqrRt67kquIGE
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
Processes:
com.my.newproject50n13description ioc process File opened for read /proc/cpuinfo com.my.newproject50n13 -
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
Processes:
com.my.newproject50n13description ioc process File opened for read /proc/meminfo com.my.newproject50n13 -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
com.my.newproject50n13description ioc process Framework service call android.app.IActivityManager.setServiceForeground com.my.newproject50n13 -
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.my.newproject50n13description ioc process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.my.newproject50n13