Analysis

  • max time kernel
    177s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240611.1-en locale:en-us os:android-9-x86 system
  • submitted
    15-06-2024 00:31

General

  • Target

    f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk

  • Size

    1.9MB

  • MD5

    86dbd2103f1adcc0cac2ba67195934c1

  • SHA1

    aa60dddce70c02ce8f24059fda50790609ba9db8

  • SHA256

    f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96

  • SHA512

    657f389fa819fb1da5a2bc5c4ce59e4ed15a798fcfaf60d9b36c2af467b9e069c20d99cf59d3fcf305c437a97f961a2e281ddf9c38e1ac5325d7555d76768316

  • SSDEEP

    24576:PY1fyZ74f2X0f1EPHReYJO+zi1EZrmjZZs6Us/Kla9Xef2f8kPtB7L5+ZWXWm:PY1fwX0f1EPHReBExmzSSf5n7L8Zs

Malware Config

Signatures

  • Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)

    Retrieves information displayed on the phone screen using AccessibilityService.

Processes

  • org.zzzz.aaa
    • Makes use of the framework's Accessibility service
    PID:4238

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/org.zzzz.aaa/files/profileInstalled
    Filesize

    24B

    MD5

    914017c1d417d858fcc6a5ec4b9cfdd2

    SHA1

    1ce6cbb99cd4e496d82e52035d11ff2c26020e3f

    SHA256

    f535b1b250d2e54752ec33d6e90dac1c67b332e3fbe34d7f2467af0f99f2df29

    SHA512

    96b963068a4fdc7cb9057d73cd01048e1b65b91956836b1047e2c89a4fe99a2a75715d4f2f113095ee5925511291c27066022a3b09d079a85660042eabda5893

  • /data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    9e2c34294f21ccbc886fd6a5202c1168

    SHA1

    bd3859d2b00d1a7a3bfda794bd5d0ab7efd0c2db

    SHA256

    4c2700a57ebfa96b09b0933467ed121b66b3097b2c1ac7d97752d02df4140aba

    SHA512

    32b97c9790dad5674994d8b761e386f512b1a6353278b88dc56d15362a1c1996b617d2a229c8fe39f6d07945011bbe4c981083bfc7e2d9a4e8f1995a0df50080

  • /data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
    Filesize

    1KB

    MD5

    f96ceabb66aab883a983b4f72c3d2a6b

    SHA1

    22e32340fce395896b6be18fefe785c7c6776465

    SHA256

    33c3fa925e56010b3b746bcecefa00e95a0d09188643df0ce2fad1128f97903e

    SHA512

    b4ddc7725651f9e1a9df9d62ecc46b477a90660c9ddf59e8a0947c2a4b404206b59b5bf54b147f9446d2d3cc085490023b70e8ee02e3ca1d0e424a3bedc926d3

  • /data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
    Filesize

    2KB

    MD5

    3b2e020b1c80719671ed49487bbc5f2e

    SHA1

    10eafa5cd7668ac6d4d061eb655a60d7de0cc8ee

    SHA256

    3bee8b76443591cc88c54ad6dd0557dce812e7f65ed194f497699e7521948489

    SHA512

    bab47400b2be97f098c8acc6ce904525b738dbadab9a32150b1b80dcd964bea28f1fc838fc09fc618579f250750502a83c184627094a5a88379859bcdf4de4ee