7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a

Analysis

max time kernel
129s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
30/05/2024, 22:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a.apk
Size

1.7MB
MD5

390763c8f408de32d79e5bac0f7a3d2b
SHA1

f9054b3e90583ac53e7ec346dbfb9ecf88d8e5cc
SHA256

7595b511485ac2b6eb4091a17cb0ddb9c4a0a1327d9e4195b25a0c0fe2fe941a
SHA512

60a656a046ac889cdf4c630774841e5ab51ae432b7205afb1ec15e2c926b9804fdd5acbad53eb8454181d30778d98d02b50db8865d5eb37980cd33516a5d2268
SSDEEP

24576:PTY1iE434eDetkJ1LVySGwrDXVIdn0qEYE8VOnjzF771G0uzX5t5qZv81r+EgS:PTY1i5skJ144/qEYEwCfuDJ1N

Score

8^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4627

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
7d1f83d6a7f88cb1e37a2ee7324d1e86

SHA1
8d0dfcc6412dfaa94222957bf002e209b5918638

SHA256
5501335b23c82d24d8872f6bad81bf70dc30681b199ca33e804e88a79aabe093

SHA512
201b8af46b480cfdfe066213b174b21275525166cd094c8e712719b1fc3b0b3546177927ed9a5b318c1c3d92c209a2e7813bb275e284ba676768cfcd93a42cf0

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
5094b01be596982704b2a6e0caca8e14

SHA1
04340638fabdd1bccbcbbbc79d63425fbd9d24fb

SHA256
c0b92b907c16a8cefe4c1e3ede1077177336151f04c7d7397459a4ab7873afb3

SHA512
0726d59e672cdba2aeff3b77110125acc2a6f79b4b1f7dc3eb8be849be7baa7757b62d1b3899305ae0ec3460aac63427a5e080f134e6ff4136cb7e55deb2618d

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
324e207ba4b83ad82e19dc01e18e2348

SHA1
b889d2e568374f1b48396f8d80b05dfeb2ffe47e

SHA256
028c328a81f156c08b829d6b7e7b0bb6fe9d5cf7cde008197d87f3110dbc70bf

SHA512
b3f4a587d99164f8c104e2a97c246ab23be94c4c58fc6de54d152f7b48e562136ce6862ba507f0330993ffdc1e5a92f2deb22061d85c8a36818ade73d236d6c3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads