cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
29/05/2024, 22:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa.apk
Size

1.8MB
MD5

bd2e8f5ce8dab4916781ec91cbdcaf61
SHA1

375f6c054131333695a353d619072c62a536ae62
SHA256

cdb7235f19c32970b1cc04e8bb369abeff3c7cc5a2fdef33a4bc77b3d323fbaa
SHA512

bc60981e297ce7d336d3373341d80e1dca82bdfb520832074d1d2363b1a254747e8af9bbefd8fdc254be88ea4b3636b0b26184d826a95bb28ea5fd88b868fef2
SSDEEP

49152:3Y1LTqI9aYgRJnifbOKsLDM1fjftrolQZd5aiJu:093gR0fbOKyebtUlabu

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4624

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
793346d3cb518566933f11044b0b8c19

SHA1
0e75ba4947d0208c838f05bfaca4c2d5c83732ab

SHA256
420e9b3d98d36580af24271dcdd32f8728aed72fc8b7fedf612e2dad528cd52a

SHA512
4f0e33f18dde7990d17b577c189a2b3aed7ea15ad2b25865170a39b2a1935590ff16f9854e4b7a625974c3e5ab15aec2cce60dce4e9e6e5496cf3af01f88dea5

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
f735e05f33962c5ba131bc1b85194930

SHA1
8d32823c50f5f4317f7bd1bbb600fae92cb974c2

SHA256
83d83c17328db78ff23eb4b74c16ace4b6832b259352e071736ffb472b8198e7

SHA512
2ed66671baac88a21c268d099c7de15506ba614ecbcfc1bb7cc930ae5fc5ca919fabfb4a85a0d22c9d5657ffd98d27841cb95813911b2d27ef1e590789cb2040

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
f9eca42cdd77d21c4524c6fc5029a385

SHA1
e3766f2a61dfd7d8d1262072fd2d9b32fcdad028

SHA256
b742dae01125d32d2ae49374b1c9a0f9cca709e8de4c1aec57c12a3e492fbbad

SHA512
b1edaa78517e557509257093c12ea2f11435fc1ed00ac6bb188ae7688b7ba5c112efd5a100e4508d6dee1dc07a89555ecc0af5412269ad11c88e4c5e24a6096b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads