Analysis
max time kernel
136s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted
15-06-2024 00:24
Static task
static1
Behavioral task
behavioral1
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Resource
android-x64-arm64-20240611.1-en
General
Target
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2.apk
Size
1.8MB
MD5
5720e211d0e78228824a03ca2c2a8950
SHA1
eff5054359e3a9d77cea1096011051c9ee43a2c5
SHA256
3a84ca08bce61750bcbac1d1d899d96da3ab150d1d03982c0ea84f55a2c819d2
SHA512
99feaf523dc70c98049356c30c66db44aecb6b9bc93d218c164a8759546503720240400b207f57208f2da7e66e8f8c555ff8ee7da19c418a4d6a3a1dc5778be3
SSDEEP
24576:KpY1jv6KIHSnmA4MIzyuZonM6lGbyeg3dp3ygn05Zm7jl3pff2VYhtsUymV2Yj7H:8Y1ju84T2uKMLbyeMpi53wTxveq
Malware Config
Signatures
Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
process: org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText
process: org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB