Analysis
-
max time kernel
176s
-
max time network
131s
-
platform
android_x64
-
resource
android-x64-20240611.1-en
-
resource tags
android arch:x64 arch:x86 image:android-x64-20240611.1-en locale:en-us os:android-10-x64 system
-
submitted
15-06-2024 00:31
Static task
static1
Behavioral task
behavioral1
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
-
Size
1.9MB
-
MD5
86dbd2103f1adcc0cac2ba67195934c1
-
SHA1
aa60dddce70c02ce8f24059fda50790609ba9db8
-
SHA256
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96
-
SHA512
657f389fa819fb1da5a2bc5c4ce59e4ed15a798fcfaf60d9b36c2af467b9e069c20d99cf59d3fcf305c437a97f961a2e281ddf9c38e1ac5325d7555d76768316
-
SSDEEP
24576:PY1fyZ74f2X0f1EPHReYJO+zi1EZrmjZZs6Us/Kla9Xef2f8kPtB7L5+ZWXWm:PY1fwX0f1EPHReBExmzSSf5n7L8Zs
Malware Config
Signatures
-
Makes use of the framework's Accessibility service
4 TTPs, 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
process: org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText
process: org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B
-
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
-
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB
-
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB