Analysis
-
max time kernel
179s -
max time network
134s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system -
submitted
25-07-2024 22:01
Behavioral task
behavioral1
Sample
22a60955bc2861bfdb3980ee41f207f078e5ec1ddb10bfc47131de101d76f423.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
22a60955bc2861bfdb3980ee41f207f078e5ec1ddb10bfc47131de101d76f423.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
22a60955bc2861bfdb3980ee41f207f078e5ec1ddb10bfc47131de101d76f423.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
22a60955bc2861bfdb3980ee41f207f078e5ec1ddb10bfc47131de101d76f423.apk
-
Size
773KB
-
MD5
bf3bd1f0d07c7944c254a3c0cf1cc9bb
-
SHA1
71addce19d0dd19c288ab908397d65600130d320
-
SHA256
22a60955bc2861bfdb3980ee41f207f078e5ec1ddb10bfc47131de101d76f423
-
SHA512
bf4e65a606040abc09aa3df11f091329db783655429e3e6cc826d1d7c249808bdb6a5e0c49baf4daa0fd38509cdffeafd804cd9196a1396884c936f1e2a36680
-
SSDEEP
12288:tp6J6sgRwLz4A0A5Ct35WmpYshXZPbGwidNpgBY:KJ6sbLz4FAYt35WmD9idNpR
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 2 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch