Analysis
-
max time kernel
124s -
max time network
137s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system -
submitted
13-07-2024 22:01
Behavioral task
behavioral1
Sample
bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279.apk
-
Size
3.9MB
-
MD5
0ee55e7dda5ca16de0519b60096ba709
-
SHA1
aeec7b300857cc3682309cbe23da177c13464f70
-
SHA256
bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279
-
SHA512
15e8413422e177eecbfd4f5791efbdee7944f94a0022a4e72154df5598a17318895487dc30cb1aea37007b3195a69f132eed7b3a41a2bce09ffdca48ec4d34c2
-
SSDEEP
98304:Qo0LdGO0F97nRGgNfOBhymZR0H54Ph/de+vwlz4UXB+F:QdEM0ShRZIWRd9M4M+F
Malware Config
Signatures
-
Acquires the wake lock 1 IoCs
Processes:
com.actiniums.phenomenologiesdescription ioc process Framework service call android.os.IPowerManager.acquireWakeLock com.actiniums.phenomenologies -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
com.actiniums.phenomenologiesdescription ioc process Framework service call android.app.IActivityManager.setServiceForeground com.actiniums.phenomenologies -
Performs UI accessibility actions on behalf of the user 1 TTPs 1 IoCs
Application may abuse the accessibility service to prevent their removal.
Processes:
com.actiniums.phenomenologiesioc process android.accessibilityservice.IAccessibilityServiceConnection.performGlobalAction com.actiniums.phenomenologies -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.actiniums.phenomenologiesdescription ioc process Framework API call javax.crypto.Cipher.doFinal com.actiniums.phenomenologies