Analysis
max time kernel: 136s
max time network: 140s
platform: android_x86
resource: android-x86-arm-20240611.1-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted: 15-06-2024 00:24
Static task: static1
Behavioral task: behavioral1
Sample: 3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
Sample: 3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
Sample: 3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource: android-x64-arm64-20240611.1-en
General
Target: 3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Size: 1.8MB
MD5: 5720e211d0e78228824a03ca2c2a8950
SHA1: eff5054359e3a9d77cea1096011051c9ee43a2c5
SHA256: 3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2
SHA512: 99feaf523dc70c98049356c30c66db44aecb6b9bc93d218c164a8759546503720240400b207f57208f2da7e66e8f8c555ff8ee7da19c418a4d6a3a1dc5778be3
SSDEEP: 24576:KpY1jv6KIHSnmA4MIzyuZonM6lGbyeg3dp3ygn05Zm7jl3pff2VYhtsUymV2Yj7H:8Y1ju84T2uKMLbyeMpi53wTxveq
Malware Config
Signatures
Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: org.zzzz.aaa
description: Framework service call; ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId; process: org.zzzz.aaa
description: Framework service call; ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText; process: org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
/data/data/org.zzzz.aaa/files/profileInstalled
Filesize: 24B
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 1KB
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 2KB