Analysis
max time kernel
177s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240611.1-en
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
submitted
15-06-2024 00:31
Static task
static1
Behavioral task
behavioral1
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-arm64-20240611.1-en
General
Target
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Size
1.9MB
MD5
86dbd2103f1adcc0cac2ba67195934c1
SHA1
aa60dddce70c02ce8f24059fda50790609ba9db8
SHA256
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96
SHA512
657f389fa819fb1da5a2bc5c4ce59e4ed15a798fcfaf60d9b36c2af467b9e069c20d99cf59d3fcf305c437a97f961a2e281ddf9c38e1ac5325d7555d76768316
SSDEEP
24576:PY1fyZ74f2X0f1EPHReYJO+zi1EZrmjZZs6Us/Kla9Xef2f8kPtB7L5+ZWXWm:PY1fwX0f1EPHReBExmzSSf5n7L8Zs
Malware Config
Signatures
Makes use of the framework's Accessibility service
4 TTPs, 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
org.zzzz.aaa
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | org.zzzz.aaa
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB