Analysis

  • max time kernel
    124s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags
    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    13-07-2024 22:01

General

  • Target
    bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279.apk
  • Size
    3.9MB
  • MD5
    0ee55e7dda5ca16de0519b60096ba709
  • SHA1
    aeec7b300857cc3682309cbe23da177c13464f70
  • SHA256
    bfbdf0a2190cc3568dd07f50be86a681035fb6371c2e3b056db6cbf2a9b35279
  • SHA512
    15e8413422e177eecbfd4f5791efbdee7944f94a0022a4e72154df5598a17318895487dc30cb1aea37007b3195a69f132eed7b3a41a2bce09ffdca48ec4d34c2
  • SSDEEP
    98304:Qo0LdGO0F97nRGgNfOBhymZR0H54Ph/de+vwlz4UXB+F:QdEM0ShRZIWRd9M4M+F

Malware Config

Signatures

  • Acquires the wake lock (1 IoC)
  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)
    The application may abuse the framework's foreground service to keep running in the foreground.
  • Performs UI accessibility actions on behalf of the user (1 TTP, 1 IoC)
    The application may abuse the accessibility service to prevent its own removal.
  • Uses Crypto APIs (might try to encrypt user data) (1 TTP, 1 IoC)

Processes

  • com.actiniums.phenomenologies (PID: 4203)
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Uses Crypto APIs (might try to encrypt user data)

Network

MITRE ATT&CK Mobile v15
