Analysis

  • max time kernel
    11s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    20-06-2024 22:39

General

  • Target

    acb7e1b095fa636c0491b484491a13b50974746e02fed40a395f1bc5775f3456.apk

  • Size

    2.5MB

  • MD5

    c515996562bdb5741dee25bb31ef0e04

  • SHA1

    04db93c064f7b0b1de9da12ddf08fc282c40f10a

  • SHA256

    acb7e1b095fa636c0491b484491a13b50974746e02fed40a395f1bc5775f3456

  • SHA512

    cb06b31467df8a4b3a27c111006f00326be12bc14bd79c1054a1d8065c07276d74321f91c6d42c05956051a2084b38a128ebde6be40b1bb6e82d804b9606db27

  • SSDEEP

    49152:IoxhlAv2sRoL2JmzGYNlTOCDDw0yQDh5+8ujDrgBMSwgg/ks:IqAv2sRoLtzXXN3wW+8ujD4MSbs

Malware Config

Signatures

  • Acquires the wake lock (1 IoC)
  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Queries the mobile country code (MCC) (1 TTP, 1 IoC)
  • Uses Crypto APIs (might try to encrypt user data) (1 TTP, 1 IoC)

Processes

  • com.payuhafetafa.fewe (PID: 4439)
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries the mobile country code (MCC)
    • Uses Crypto APIs (might try to encrypt user data)

Network

MITRE ATT&CK Mobile v15
