Analysis
max time kernel: 177s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240611.1-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
submitted: 15-06-2024 00:31
Static task
static1
Behavioral task
behavioral1
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96.apk
-
Size
1.9MB
-
MD5
86dbd2103f1adcc0cac2ba67195934c1
-
SHA1
aa60dddce70c02ce8f24059fda50790609ba9db8
-
SHA256
f70b50fd873fcf6ad84ac9dbb405eae7a905ef0c14917a561504cb07f34a7e96
-
SHA512
657f389fa819fb1da5a2bc5c4ce59e4ed15a798fcfaf60d9b36c2af467b9e069c20d99cf59d3fcf305c437a97f961a2e281ddf9c38e1ac5325d7555d76768316
-
SSDEEP
24576:PY1fyZ74f2X0f1EPHReYJO+zi1EZrmjZZs6Us/Kla9Xef2f8kPtB7L5+ZWXWm:PY1fwX0f1EPHReBExmzSSf5n7L8Zs
Malware Config
Signatures
-
Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
process: org.zzzz.aaa
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText
process: org.zzzz.aaa
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B
-
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 1KB
-
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize: 2KB