Analysis
- max time kernel: 163s
- max time network: 132s
- platform: android_x86
- resource: android-x86-arm-20240611.1-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
- submitted: 14-06-2024 23:49
Static task
static1
Behavioral task
behavioral1
Sample
f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource
android-x64-arm64-20240611.1-en
General
- Target: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
- Size: 1.7MB
Malware Config
Signatures
- Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
  Retrieves information displayed on the phone screen using AccessibilityService.
  Processes: org.zzzz.aaa
  description | ioc | process
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | org.zzzz.aaa
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/org.zzzz.aaa/files/profileInstalled
  Filesize: 24B
- /data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
  Filesize: 8B
- /data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
  Filesize: 1KB
- /data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
  Filesize: 2KB