7af7345e3aaefd36eebd58b9db18b480f61dc50ce15ecdaad9f9895fa266e1a2

Analysis

max time kernel
174s
max time network
133s
platform
android_x64
resource
android-33-x64-arm64-20240611.1-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240611.1-enlocale:en-usos:android-13-x64system
submitted
15-06-2024 14:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Standoff123.apk
Size

857KB
MD5

48b9c6baac4cd5348b1d4c4baf90c90b
SHA1

dc153759069d38b25770221c9022a79838067d7c
SHA256

7af7345e3aaefd36eebd58b9db18b480f61dc50ce15ecdaad9f9895fa266e1a2
SHA512

2040de4a3508b2e91e5d30b7da7f55f5152e72c48d273131bc6c80d04862c7ed26b9680d045d79cdef3c9c41f8c8b031eab7a4c3fe3b75184d1cc3499cc8f6f0
SSDEEP

12288:SaR92J6sgRMLz7dpM+fAfT+Kc90ky5WmpYshXZPbGwidNpgQ:biJ6s9Lz7dplYfT+Ks0r5WmD9idNpj

Score

7^/10

banker discovery evasion impact persistence privilege_escalation

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
evasion persistence

T1541

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch
Requests enabling of the accessibility settings. 1 IoCs

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch
Tries to add a device administrator. 2 TTPs 1 IoCs
privilege_escalation impact

T1626.001

T1640

Processes:

cmf0.c3b5bm90zq.patch

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch

description	ioc	process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	cmf0.c3b5bm90zq.patch

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	cmf0.c3b5bm90zq.patch

cmf0.c3b5bm90zq.patch
1⤵
- Makes use of the framework's foreground persistence service
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
PID:4234

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/AxelBolt.net/config15-06-2024.log
Filesize
39B

MD5
b10526c010ae2567fc24576699660359

SHA1
a886284b17f5f0a69499aa8514399d663633846c

SHA256
19af508c72da4439c23d37531ae5204229cd8f69d0e099b6d3dc548af4e0cd4f

SHA512
e7ecdf394b9800ff00284dc1e15633f509d5e1fb81104ba6ef1894d2b469563b03099f39d7871a974f8ccb758f38760fac31253a026bab9c2febd3a4562abc96

Download Submit
/storage/emulated/0/AxelBolt.net/config15-06-2024.log
Filesize
61B

MD5
32c153e4cf742631e6b519f0fd9e25b5

SHA1
d4ebfb102940362537fc05d1b95c6fd0f7708c7e

SHA256
dcca8a5976b71190065f929e8adf393b32ea9925f107e8bac03b6ceacdb923e1

SHA512
7df7f49978b02d5a7951ac3bd531e8c89795fbc6f1f3f41d6dd14add4fd58a08e0b3700100e81ed08f9cb23dcdde525dab2cf2f001fdce7a7c3458be3f978768

Download Submit
/storage/emulated/0/AxelBolt.net/config15-06-2024.log
Filesize
85B

MD5
e18552e5905187b44bb7e5d961add1e4

SHA1
4e09d6ef0779cdff7134518b97eb9424ff1e1a85

SHA256
5d43c19734390596133d64e3f59a4d7ae11348b2372c66052a136bd662d40fae

SHA512
1e55077255d41a2006c95e3764e5c5b7fb8d0354602d9a6b8f047a58c9207256633eaa3fdb1491449bbe3fda5147586a2ef4966228f71d27ac2bf6b9eb30be0c

Download Submit
/storage/emulated/0/AxelBolt.net/config15-06-2024.log
Filesize
61B

MD5
2276fb65b740b90147717e4036c11c7a

SHA1
447358e0fcd9c1d201e400a6bb02e0b0be924af8

SHA256
753658f8c917c5e53f101c5a34be556be184c00789e1dfa91d1ad8508461d74e

SHA512
2c9942cd8a1a6c78eee3b43a3ff8d1d21b0355efcaddd47185c993f22a6ef7aa44bf0d528af7e71d176cca9301f76979ce3fcfaf575fc87d1ecbae97fc577748

Download Submit
/storage/emulated/0/AxelBolt.net/config15-06-2024.log
Filesize
76B

MD5
d435766589e1d570c96aa3fcc7c09d7d

SHA1
57df31c03eb89ee3adbaccccf6f4eded217e7981

SHA256
fcc6757d345e863456f79c647975e5b1aa751aa1685dad1a2309ccf0933cf56e

SHA512
0a35bf9cf4ffd1300149b7d2fe930888ceaaea0e794772110e79d0ae27b6de4f24eccb35b38b91d32f14b198574ecd4f6e6c30ae0953d711347e93b9af138a69

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads