a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d

Analysis

max time kernel
176s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240611.1-enlocale:en-usos:android-9-x86system
submitted
12-06-2024 14:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d.apk
Size

2.0MB
MD5

44ae44a37435b2d773f464978f7d6014
SHA1

980a5d682855624c1e9a648d19080ebe1aa03a2c
SHA256

a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d
SHA512

8060eb68e97c4a32406ffcb040bf1fd8b68ae0d40751f18bc9c28f251f3ee42b8256137a76ccddbae10efc6b12ebf31673fe555bf3ba1d44dad69841dba32156
SSDEEP

49152:aY1N+RjKP2gMaDKzL1G0pujYvUJenSH0ks:4RSVKzL16Uvzss

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

T1516

T1513

T1417.001

T1417.002

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4174

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
18afc1b66c88fd61f9b4777dca5c8f34

SHA1
6035abdb1680330a37b7e0284111c219d79ea9e4

SHA256
a4bcb0d9b4591de0cf463f40c0af7246bbae95a3f5dad54835c4c9e7a1fccaf4

SHA512
edfe9a9fddfa9c5e0c4696458b7369fa11dce302afad605b8dcd486509c04ab4540260ed4bdc79edaf6c887498f22683a869ec509feb1d22b6467a86e644766e

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
4add075a539837f287687e41d4ce1bc0

SHA1
79a784e4d7d3e9c40560390af1178cdf317e3e70

SHA256
eea4f85e33a0c19788b70b00938cbcf68806d6c96e7a80b866873a9e07f0b20f

SHA512
bf73c9963ec426295c872226bc999d4e6cdd3318a2ab74cc55770e38947c95bc256204a78e0b739dff9615d443378b7111a3775d1bd0e4f1a651e4410f72e420

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
fc2dd91999a4738081038b9e8b968131

SHA1
2dc1d95421f4a02f8aa319dfd834802121ce773f

SHA256
4c5094084345cca53f7207446630b9859532b255a3a6e37475440fb6bdd263dd

SHA512
9bcf8d84bd7e33335bb8a2fdcc7fec25ceccc3ac506e9cca59a5c71fb018bbb35d37a2ce927cd6ea082c6a23a98fee42c87dbde09ed9dcdc4846c432c4479360

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
8ccd0029ff420dd0bfef10ac2a7134a1

SHA1
5754c169e0df4a4e0613c55a35c19a75930620e8

SHA256
0535eb0f8b2afacd265b2d2436f2d5ea4cacb8f884e9d9191dfe32b356b440dd

SHA512
1eafb0bb5972f46f6207e86bafd7af6d8560695e1a4d5f237ee520b09ad6e9460ce6162fccdca55e4effd633ceea201d2b2cba1b48b5315e83c20c11fe4acac4

Download Submit