7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a

Analysis

max time kernel
129s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
30/05/2024, 22:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a.apk
Size

1.7MB
MD5

390763c8f408de32d79e5bac0f7a3d2b
SHA1

f9054b3e90583ac53e7ec346dbfb9ecf88d8e5cc
SHA256

7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a
SHA512

60a656a046ac889cdf4c630774841e5ab51ae432b7205afb1ec15e2c926b9804fdd5acbad53eb8454181d30778d98d02b50db8865d5eb37980cd33516a5d2268
SSDEEP

24576:PTY1iE434eDetkJ1LVySGwrDXVIdn0qEYE8VOnjzF771G0uzX5t5qZv81r+EgS:PTY1i5skJ144/qEYEwCfuDJ1N

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled

Filesize
24B

MD5
6ad3a6acf72ad5a95978c59e0ef5febf

SHA1
2dd97847fd10e2c76a20c7b9c6cfb3e98ca0cc4a

SHA256
dbe750e6307abc4782b8b5712ed03c9c58eec49bc08e8102b71af9018d765ca1

SHA512
0f5166d78740dea2a13c6a798218eb0508c56614c7aa59dc510b1da74f4db6280e282d85914c7782757675a54b10c12984f7ce85d890048257b0abdcd3b00a3c

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
5f3f5f753e5900dcdb81d62c726df2d9

SHA1
e2a156a5151d8e50ff3bcc246969f34d178481db

SHA256
4b03435d8359ca3100794520a71cc3336767c8fe01afa3fea79280872b47d2ca

SHA512
0f5f7c9a39402df6bc64174d508d2f420af1a69e228d67ee3eb9699d37a38618a019692df1389a3c4bd73ff3171a6229ac5fe2bf6d456f7a6cd4865344b598e9

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
5094b01be596982704b2a6e0caca8e14

SHA1
04340638fabdd1bccbcbbbc79d63425fbd9d24fb

SHA256
c0b92b907c16a8cefe4c1e3ede1077177336151f04c7d7397459a4ab7873afb3

SHA512
0726d59e672cdba2aeff3b77110125acc2a6f79b4b1f7dc3eb8be849be7baa7757b62d1b3899305ae0ec3460aac63427a5e080f134e6ff4136cb7e55deb2618d

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
1cbe04fd522c9bc4f32cdb52c0dee31a

SHA1
7be0e7bd92599431aadc5cb703f563fc3fc105ba

SHA256
5d0200f5bc9adfeee46244f6d8377bee44cd08c97105e5889fee2a8942019358

SHA512
bfc14a0b882bc77ce4b64ff0b59015b1cb638f8e74a64ad62f8015ab537bb551eec854550322e6c954e804aff30defde7773f35b15f116cc14d5a1ef89dbb565

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads