Analysis
max time kernel: 168s
max time network: 188s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 14-06-2024 23:49
Static task: static1
Behavioral task: behavioral1
Sample: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2.apk
Size: 1.7MB
MD5: 94e7a194c2e4f64cc1a137292200e387
SHA1: 3fdd153cff45e7daffe4a1d022948d68ea3bc661
SHA256: f425f0797379cf627c28da00b54e981d61f6b58e638c872bdcd19914f58144f2
SHA512: 409462a773907b9008c173f00c196aa6e14db84dcc78c9fa541855d302e963349fd18df840961c793988424dfe78acabd716ce45f6c86bcc33bff90b96d1ffae
SSDEEP: 24576:1Y1hdoMIHGBaMgphYpe3gJzaZ6f9DXzbkLn07evIzjH0RorNEBs8U7aNOG:1Y1huGBFgphakQRbT7evKbytx
Signatures
Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
org.zzzz.aaa
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | org.zzzz.aaa
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | org.zzzz.aaa
Downloads
/data/data/org.zzzz.aaa/files/profileInstalled
Filesize: 24B
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 1KB
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 2KB