71980d14fbcfcf3894768307025b2ea69318ec8c0a42da50e0f6bb08697d7dd4

Analysis

max time kernel
177s
max time network
133s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
09-07-2024 08:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

junk.apk
Size

5.4MB
MD5

38b1bb4df8ae2e9af5b02a9bb203a3e7
SHA1

bdb483dba40c04d3c1487aadf81a8bf89c305b70
SHA256

71980d14fbcfcf3894768307025b2ea69318ec8c0a42da50e0f6bb08697d7dd4
SHA512

46cd3aac789ad54572a75ab75c05764eb30d716744c92d874d3de1b083e82dcd8e4e26ca138c58a7b4889198824c95e6857174acb89f250ec43f1c10f0d34315
SSDEEP

98304:hIVAJbkWuOP87gLCrhdSEjpjiI0AsS9mmDVufWB/d8OCJimDkAICughWtyQi5JI:hIVi/s/FmI0FS9dVMa6Tko3UghtQi5JI

Score

6^/10

evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.hr.add

com.hr.add
1⤵
- Makes use of the framework's foreground persistence service
PID:4352

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hr.add/files/profileInstalled

Filesize
24B

MD5
73d0cf491a54e9381010a5498b3c892a

SHA1
b7c3112a3f7ba673fbee53b9eac49261e8e51199

SHA256
11c70c5ff040750e22d0101fd8505ce4cd94825a2807eb0eaca5786159a88c5f

SHA512
b583fe737b5f2b44e634ba9e8aa05b891199112231a0642500723004dbf0ddcf4b5c06db327e776f626aa002420b91cbaaaea5537b6ce06fe8882ef492c3aff2

Download Submit
/data/data/com.hr.add/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
80c4b682ecd4537f6ec015908e637f89

SHA1
a8bc920325eb5289b55c4c9b1cec05b42ad1e686

SHA256
dcda3a441c414766868467337d3022c9e128f4b9edce796c23bb822566fb5a3d

SHA512
dbbecda96cb1a3f2e76c4e3e08fead1b7a5dc207e55a596a1b0f3650ff99d2d71de94c5a301703b2102152271237f2a444fb03664d6b087e5aab234bf54bc435

Download Submit
/data/misc/profiles/cur/0/com.hr.add/primary.prof

Filesize
1KB

MD5
434073db766ce6105f159cb79737a0f7

SHA1
aba8196ae46a891114e100802dfed96b73995a7f

SHA256
cc2868d22e523d0bb0cccca7bf21bffa7ff8474e8ef30bce0e71a90c300b8290

SHA512
36fec26078662b475e6759b79aaeb81fcd6f8166e0b9dbbb1280ddcae8d3442328bd103e6105b3c667a44b87596557c4abdfc45a1f9c3925c7e10261d81e022a

Download Submit
/data/misc/profiles/cur/0/com.hr.add/primary.prof

Filesize
4KB

MD5
144986e907d425466110f8a921be15e9

SHA1
8a5082722345bf5f2a7dbd7648902f2d8046c16f

SHA256
b82efbe3f2ae9636fc8ef2cfb2472a45ac311aa511d382c27cf64d7e2e1aa1b1

SHA512
c38c9325db60560281fb10e09436ea07302f0c86156d6f69b7175d3568407c10945e28bd9733c79861c58e53a57f7ddb934b740d0eed244ee754ec0e0e847f5f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads