cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
29-05-2024 22:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa.apk
Size

1.8MB
MD5

bd2e8f5ce8dab4916781ec91cbdcaf61
SHA1

375f6c054131333695a353d619072c62a536ae62
SHA256

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa
SHA512

bc60981e297ce7d336d3373341d80e1dca82bdfb520832074d1d2363b1a254747e8af9bbefd8fdc254be88ea4b3636b0b26184d826a95bb28ea5fd88b868fef2
SSDEEP

49152:3Y1LTqI9aYgRJnifbOKsLDM1fjftrolQZd5aiJu:093gR0fbOKyebtUlabu

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5088

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled

Filesize
24B

MD5
ef5d83574fd1cdfa192be7bfc063403d

SHA1
f7418f5fe1a69d75ef4db795834b0a6a9ba573be

SHA256
a00e87b6f9ad36addad41684f95feebb2fae3f7caaf301dd711164ecb7e310a0

SHA512
773696a20841096af16686cfb423e9d0f88625a8a7b0d75abbe7be600f39cc0eb45940ff16a388ed3e3670d6f05d195617731240afadff06fe1f2aebcb662c8c

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
ef49d84fa6edfa209f8eb791c41bbe19

SHA1
b91f48105519a51dbc1952abdb0ac30fe02a72ab

SHA256
31bfe413e1ccbc2d058b6a9001376426e69c26b5e6c8245b401ce0b01f174221

SHA512
181eebc78f0921acd0c9a29bb7f4906031975e3c573a0a85661fe92ca92588be8fab470fc3b5ca7f83340bf6b0a003c1e421cf16bd47bf6b234a6cf6d9057127

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
f735e05f33962c5ba131bc1b85194930

SHA1
8d32823c50f5f4317f7bd1bbb600fae92cb974c2

SHA256
83d83c17328db78ff23eb4b74c16ace4b6832b259352e071736ffb472b8198e7

SHA512
2ed66671baac88a21c268d099c7de15506ba614ecbcfc1bb7cc930ae5fc5ca919fabfb4a85a0d22c9d5657ffd98d27841cb95813911b2d27ef1e590789cb2040

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
cf24b01c56561019a6066784d67c22d4

SHA1
395333e60a276137d85205d97cf86abaf60b186e

SHA256
b1897df222fc082f70ea5ac053ffdb252d22aa3868ca10008bdbfe4680750128

SHA512
716d6e879cde5af2884dab2d41892d19ea9230ef92de89fc3f5c044ffe597897690557de5849bc60e42bb78e5475170df2776d9b951dda0c92b5ac76cd4863c4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads