Analysis
max time kernel: 136s
max time network: 154s
platform: android_x64
resource: android-x64-20240611.1-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
submitted: 15-06-2024 00:24
Static task
static1
Behavioral task
behavioral1
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x64-arm64-20240611.1-en
General
Target
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Size
1.8MB
Signatures
Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText
process: org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
process: org.zzzz.aaa
Downloads
/data/data/org.zzzz.aaa/files/profileInstalled
Filesize: 24B
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 1KB
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 2KB