a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d

Analysis

max time kernel
175s
max time network
152s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
12-06-2024 14:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d.apk
Size

2.0MB
MD5

44ae44a37435b2d773f464978f7d6014
SHA1

980a5d682855624c1e9a648d19080ebe1aa03a2c
SHA256

a0b17ad3193e1397dd56581a75b0d61f986e5d4ac58f393b2d9c4bd5f2065b3d
SHA512

8060eb68e97c4a32406ffcb040bf1fd8b68ae0d40751f18bc9c28f251f3ee42b8256137a76ccddbae10efc6b12ebf31673fe555bf3ba1d44dad69841dba32156
SSDEEP

49152:aY1N+RjKP2gMaDKzL1G0pujYvUJenSH0ks:4RSVKzL16Uvzss

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

T1516

T1513

T1417.001

T1417.002

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5114

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
e1d06466a6389d8cd6fe41d1ad8b06f8

SHA1
bacc55f3513b5f86e3e9eff872d7b088f54c49f2

SHA256
5114d5ab85fe71c9934f29c7ebfeefd7fe7e2bb6c1804d9942d875b8bc4ef4a0

SHA512
59dbb35e3e00db018211af38252bf940dd8060e64b4de6830917afc56d5d4b2d430e6fd5aefb425f54c2d05d80bb6be59e5c29b502392cc7b0d4b23b1164c6a4

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
f9b897a387665072b3a4ac70a27149d4

SHA1
ea81458ec0805a49b918670689e3b68b0fee40de

SHA256
be7d8400035528ec8033d7b41fc062c7d7f8390d9e142016e9f54eadd37c26e4

SHA512
3aab61505baa8e3bd55dd733d03e67dfbadc9a5cb0bdbfedcd4e2dcba30a527bdb1e1f5794370ff5f0f4e9f993954b4144e4bea972eca92db14aea649dc0f416

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
fc2dd91999a4738081038b9e8b968131

SHA1
2dc1d95421f4a02f8aa319dfd834802121ce773f

SHA256
4c5094084345cca53f7207446630b9859532b255a3a6e37475440fb6bdd263dd

SHA512
9bcf8d84bd7e33335bb8a2fdcc7fec25ceccc3ac506e9cca59a5c71fb018bbb35d37a2ce927cd6ea082c6a23a98fee42c87dbde09ed9dcdc4846c432c4479360

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
8367586d5c7b23b5b3b9c54f85faf1b2

SHA1
3f3c14172dc1e9fd127aa8e6a44ccb7066461b67

SHA256
bcfb33c57999834ee5970c081359bd7c92834a20a7743615dde03a2d8c93bdd1

SHA512
46015cf6ee514af294fea67ce8a61abca1961666bfb7971f98a75a0246f664597bfbf9058921cfcf8de886f24d779cef723b7c97d4df1a87f96be9400641b1b4

Download Submit