cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69

Analysis

max time kernel
168s
max time network
154s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26/07/2024, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69.apk
Size

1.8MB
MD5

8aa766c6e7aaa0a078238bebcaa472a4
SHA1

de41223d38b5e0ec19936a57b1c8b1c84bc7edab
SHA256

cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69
SHA512

cc66d69a6fce08933b30addfd2ed3d152dd24906aee835509452417aa32db1a66a973bb5f2ab2e096661dd0720a406bd1b88fc92cb0ca3b72acbe1c2806ea577
SSDEEP

24576:hY13cthBl8h0tcnyxrDXiXXMQvy96healOeX2rW6aI/jS1tCpFrwo0P5h1ioM0WA:hY1chjYQxrDyMQvy9OB0a2rW69vfZBQx

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4322

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled

Filesize
24B

MD5
60c6da14feb422370a640ccd099546bf

SHA1
ce07d40c0f1b77cdf70258155f590f4ffc4d4472

SHA256
71cd512edf771dc94b5d4741bc2242589a65590177a897de9fa1677b19d6aa96

SHA512
69387412ef6403866a4b7cc9e02f7e4b30c7ae46921796c899943376c4e4fb84d5d7d68c7c15ce2bd6e09e99554aef86386a780f68b49934f33d77201b295d12

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
a34065d493bbfd34375e675b88c781d8

SHA1
f2bcbafb034be640a92224c483b4f5e7ff5910be

SHA256
d3697e9e4dfd130a950504be859c13b52a0fd1c883d8429d7369a4f4b4bc069e

SHA512
01e317162c77bd36e430b22b0de8b044ad994ac451a1d0d96c8b9c103c8b66705d831cb46ffac2810ddbd84fd787eb6a798072922712b1410631bd676f94370c

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
2cd751a7b817ef4d4d7e2790425da3ae

SHA1
dd349244cb77a0ab9a5c4226b07c1a6335e8537f

SHA256
2e67456be60f73035ca6ac55e99a1138e2804c43f6d9feff9fc363363f7c8623

SHA512
8fdb21d7a837d72fe890ae7516e191bc5bfed66ab48be0ff35a8903a19928af37de03284722d08cb0a8f00f0a239ab768e3856b9f8432ebae9c124ea067e4e05

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
f0a6cee355daffe240029d5aac326db1

SHA1
8968499f2cb545e733385f164c8d79cc17036e70

SHA256
0f51983ce351e868a9edcaf9fa633cc38ac502db432dfd85388a377b67d25f25

SHA512
d2bf7b76404624b975d201d07d79ef7698e235bcd21d1548d0056981f0751c084a2edd0c64a91580442668885b7a535d0f5b3f6eb2063f2b89ed3181c513ab30

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads