Analysis

  • max time kernel
    124s
  • max time network
    149s
  • platform
    android_x86
  • resource
    android-x86-arm-20240611.1-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240611.1-en, locale:en-us, os:android-9-x86, system
  • submitted
    17-06-2024 00:36

General

  • Target

    d7c5e8c441821d3e07cfcea3bce04772f792d02b55095cee29ed49e1eb1450a1.apk

  • Size

    3.9MB

  • MD5

    d0117b530c6c8b5f88f72f2b74b39e68

  • SHA1

    3608c4f0aeb06d6953e04e7c03c1a999f766313c

  • SHA256

    d7c5e8c441821d3e07cfcea3bce04772f792d02b55095cee29ed49e1eb1450a1

  • SHA512

    3be294f5feb98f5dd323ad3359e8338902fb7af0414c5da0d5655adc16e55ca1d5e3bcec244265df8eeeb7d98309e7888e23408ada9220ae35f79f4f7eeb0c5a

  • SSDEEP

    98304:Vy2qCtPkJFy11penf504Iz+U7SsV4YgBJ2w/jZY2r7EJCO:YfCtaycf5zIz34YgBJjdY0EJCO

Malware Config

Signatures

  • Acquires the wake lock (1 IoCs)
  • Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Performs UI accessibility actions on behalf of the user (1 TTPs, 1 IoCs)

    Application may abuse the accessibility service to prevent its removal.

  • Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)

Processes

  • com.reseal.ziganka
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4174

Network

MITRE ATT&CK Mobile v15
