cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa

Analysis

max time kernel
120s
max time network
155s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
29/05/2024, 22:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa.apk
Size

1.8MB
MD5

bd2e8f5ce8dab4916781ec91cbdcaf61
SHA1

375f6c054131333695a353d619072c62a536ae62
SHA256

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa
SHA512

bc60981e297ce7d336d3373341d80e1dca82bdfb520832074d1d2363b1a254747e8af9bbefd8fdc254be88ea4b3636b0b26184d826a95bb28ea5fd88b868fef2
SSDEEP

49152:3Y1LTqI9aYgRJnifbOKsLDM1fjftrolQZd5aiJu:093gR0fbOKyebtUlabu

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4316

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled

Filesize
24B

MD5
4daf1dd7cb12e982bf4d364dfa256bc8

SHA1
2f112eea33ea7073826a5b98a6571e48275fc9c3

SHA256
b0e7b377dbcf72969cfad21414b35f82fde1b62789d837aad3870912b4bd4ec6

SHA512
063e6ff2aa16edb48c5ca362a04ba0a85559c71bd643d63171b073a9b98091c8be0154977f839aaf8e6ce72fb17a3a4f3a5e30adf22d6d2ac8141d4937631cd3

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
9941c29480c414a276faf847af42d71b

SHA1
02cf4bc31d4ea4d3a23e1a54bcce99a318d02ae9

SHA256
61308a89b952b209c7844d25dd1a29be7d5e8992f10834a90662030233c6f059

SHA512
653ef6486a783677e11c8f7287133f1975a5ddb73741ab32e7e5bb2169b3483da57bedd951d2e4c1d03c520e133701af22cfca896c8bf93e1dd25ec2c1c8a65d

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
f735e05f33962c5ba131bc1b85194930

SHA1
8d32823c50f5f4317f7bd1bbb600fae92cb974c2

SHA256
83d83c17328db78ff23eb4b74c16ace4b6832b259352e071736ffb472b8198e7

SHA512
2ed66671baac88a21c268d099c7de15506ba614ecbcfc1bb7cc930ae5fc5ca919fabfb4a85a0d22c9d5657ffd98d27841cb95813911b2d27ef1e590789cb2040

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
115206ca7c233d7ac439737b9347e57e

SHA1
0a94fcca70b83c0e26db74a66bfb898361b65585

SHA256
730def33dce6dd5764829d3ee8c2dfc8558e4cd56c93e4905ee27d9937733672

SHA512
83895d60327666a9c0ef931422f8871173661b87bc9832d3cfba627bb1674b49be6f6d3dc5e875c2204fd092b969bf15ae603848cee9f69a97872bb569d42834

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads