Analysis
- max time kernel: 148s
- max time network: 131s
- platform: android_x86
- resource: android-x86-arm-20240603-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
- submitted: 09-06-2024 06:56
Static task: static1
Behavioral task: behavioral1
- Sample: indus.apk
- Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
- Sample: indus.apk
- Resource: android-x64-20240603-en
Behavioral task: behavioral3
- Sample: indus.apk
- Resource: android-x64-arm64-20240603-en
General
- Target: indus.apk
- Size: 8.3MB
- MD5: 29ddf80eed11d404f1be5d8a2e147935
- SHA1: ab6715ba58ad31c81bbbc04403c1151d5246ecae
- SHA256: 2abd77540e0f6e59c1a36d0b6a4db50570d98d3037ee592458dda38d19da30b1
- SHA512: f826dacad0cbf7b30753f98e4ac7bd50962e90f10d6f4e3fa42e0b65edd6b7a3151ef044a5812b3cd8d193d5e03fa835c6022b93ef711a5fb7998c27b61952af
- SSDEEP: 196608:O+08YxPBpzZzo8zY2jHm4jgGPNyDLP0XpVOfL:10nzZzooLPPQDLPB
Malware Config
Signatures
- Queries the phone number (MSISDN for GSM devices) (1 TTPs)
- Acquires the wake lock (1 IoCs)
  description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: com.bank.lead.owzlmjgmgy
- Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
  Application may abuse the framework's foreground service to continue running in the foreground.
  description: Framework service call; ioc: android.app.IActivityManager.setServiceForeground; Process: com.bank.lead.owzlmjgmgy
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.bank.lead.owzlmjgmgy
- Requests disabling of battery optimizations (often used to enable hiding in the background). (1 TTPs, 1 IoCs)
  description: Intent action; ioc: android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS; Process: com.bank.lead.owzlmjgmgy
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.bank.lead.owzlmjgmgy
Processes
- com.bank.lead.owzlmjgmgy
  - Acquires the wake lock
  - Makes use of the framework's foreground persistence service
  - Queries information about active data network
  - Requests disabling of battery optimizations (often used to enable hiding in the background).
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  PID: 4267
Network
MITRE ATT&CK Mobile v15
Downloads
- Filesize: 8KB
  MD5: 8a0b2b04b07e6478a619431402c2974d
  SHA1: 826bf6899330504b46ecb984a7edd151f502ba39
  SHA256: 1d6bce8e5847b1af393e15c098c8500d1ae9d042ee31eed11980e28fb05439e3
  SHA512: 63d5506d74e3c6a0873428c1bf4be76ebb3cd81f43a2d890659fd84b7ef2cd0d68762413491b9f637b66b54b31376aae367740a8fc6517bcb6bef1f6692970c4
- Filesize: 90B
  MD5: fd21c6b3504bb9c8015b3476497eaca9
  SHA1: a65dd4d7746b47c9319456e5cf7943cd0e84e50c
  SHA256: edb6bbad7bc1fa218e355642d4ffac5e5c130f0c45d28866de58f29afa508305
  SHA512: 17fe050066759dcecec34ac183ddb5c4453b5fc8cb00e1f9d75751ab60003932369a5817e656ab752df4eff7bbc55289e96640e994ba7831b2a2eb56aeb5aaac
- Filesize: 569B
  MD5: c39637f16b408d221809000ab91e4b5f
  SHA1: 09b990919db69ed7a026a971716951a8bdf1fd2d
  SHA256: a44d426c941ad3a40888d8cfc3a096516b46b0aeb6158a7e36db5dd59bbd83a6
  SHA512: 1b36e93e08a02d3b10eab078d3059531f8790a89beabe8a5f63cfba96c1d51a9f3a7769a24742d5e7f56c73762cd5e3fed200aacfdfd95fcc6d92f47e837bf5f
- Filesize: 24B
  MD5: 2965041205c68f845b5480c1d83c71f9
  SHA1: 9b76dc3cd12a4653f28181002f391857cc03450b
  SHA256: 69f2dcada54bd6264e6b2268328dfdef58789225d3031cbccddd6921740c6008
  SHA512: f9b64f1b1dc4928b54905e9bd2491539b4005276e1423c6f8f35228f846a1f2721d9ec41fae7232069fd88b4d0d9164d68280982f15fbcc1fa4d26350a98bcfb
- Filesize: 8B
  MD5: 0fb03bc8110f2b2bc31b239f3e4ad360
  SHA1: 61121ca07a7ce0b54e792fc4333b6330eaf8eee5
  SHA256: 01956d875fa5999defc4a108b0696fc82b9deb2f797dd27cec6c84c29ff9b1a7
  SHA512: ca6f12cd02f81f64ec7c8153a3311d89ac0bd3c118121f0df3f3fa458f5d51147e8fb0c9821e3aa02d2bef867f39793ea589e961b39c1e2e4bd155c197084ee6
- Filesize: 4KB
  MD5: f2b4b0190b9f384ca885f0c8c9b14700
  SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
  SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
  SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
- Filesize: 512B
  MD5: db8b352b7021b1957c9e5d4b7860b8a2
  SHA1: 08ed7098305fc5a7440dcae2eda5c5e426fce107
  SHA256: 702232129cf621da23d13121419c66712cfe8bed3e05abfbf359b682b9c6a642
  SHA512: e24eeec38ff933186a2995d169114b3e5f532e8ac0c4b200acb23c5cbddd1e1a4d3b5cf7fab846309a5fbe2e8049f621f21e62a9ed21592fd1d1e82a44a99468
- Filesize: 32KB
  MD5: bb7df04e1b0a2570657527a7e108ae23
  SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
  SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
  SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
- Filesize: 108KB
  MD5: 1c8a206ba1fa744be8c013665593f6bd
  SHA1: e4c1d3299977ee3821208e3e16b0e8948035019b
  SHA256: c75ae8c049f80a2797eb586ce883b41967535d00c26911aa940594c8c2a313be
  SHA512: fb44860b74c386b1a21a33d32ec71c3ba7a79c3e78b390b05d031ade26ee77192231434dec71d8fec0da361725a7cecccc8f66504aad73da4c1c378e213376af
- Filesize: 16KB
  MD5: d13f505a19aaf193b0645bf90a54cf46
  SHA1: 14410f903b53ea7cc94e4aee2edeef63a32e111f
  SHA256: 02ae332891fc915711fdad8e979c275202aad3623446b7b5604dc8e22e09c87b
  SHA512: ad201611029dae8345cb8027d2eaa40fb9111895e66cff37e58c71175a3357343ef5e0c22479d82940bfbab167a073da7f04566f173dd43dee2d66b33d0dc29e
- Filesize: 1KB
  MD5: 5c05bd6f582fa8e0d8941ecc17b3b9e8
  SHA1: 9c4a94f749b426ec8bcd7cd7839346ec9d8539ad
  SHA256: 7e6b7519acc6d815be103dc093959ed8ef1858da80a939c14ff16c28b2975681
  SHA512: 0ba3b8363db59daecb0a0cd91c22c37fc1b5ab629121591d5abd26eac70ad123e18775e90c3cedd853b18a5d30ee906d7e1f1eea36ae301800400ebf1ccb7efb
- Filesize: 9KB
  MD5: 26e81ce28d2d0954b77b690bff04baec
  SHA1: 3a10f56ddf5e15a3ecbeea85981cd4b2b732162d
  SHA256: d2334eaa3f9b768f69a7dafd40673053a156e94e93353ccf8d39ad58cad30597
  SHA512: 022df4bf23d7eba874f7baa99e0e15a8271432d4ccecb578d510b3bce7c35d8036b31ef35a5e1f91b58608f640d7405751e29a1594038d8f96fb1b9d97448602