Overview

overview

10

Static

static

10

f062fbbd5f...ea.apk

android-9-x86

6

f062fbbd5f...ea.apk

android-10-x64

6

f062fbbd5f...ea.apk

android-11-x64

6

Analysis

  • max time kernel
    125s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    19-07-2024 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea.apk

  • Size

    3.7MB

  • MD5

    05e92d583b6aeb03d4b32b69621a031f

  • SHA1

    4980438ef73b6d7638fa642e4e7e2915e814bda1

  • SHA256

    f062fbbd5f8f13fc2055f2395510160aad665250edb0777d84ed290470858bea

  • SHA512

    0d6e28ed4d01736b904dce1b2050f2c55939e81ff55b7bda982321200c1fd114b5ce5e6cdfe2a98bdcfec89014f7de04d1646b8758dc024b3dc1065f904c1ed8

  • SSDEEP

    98304:mUM/iZqMh7w2sEIdqGJM3CQxY0Mu4KXKpTX5zKeloXjH9ks0LgZ:fMM7wVE4wCkV4keloXj90Le

Score
6/10
evasionimpactpersistence

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Performs UI accessibility actions on behalf of the user 1 TTPs 1 IoCs

    Application may abuse the accessibility service to prevent their removal.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.midshipman.unshrewish
    1⤵
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4993

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads