cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69

Analysis

max time kernel
168s
max time network
154s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
26/07/2024, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69.apk
Size

1.8MB
MD5

8aa766c6e7aaa0a078238bebcaa472a4
SHA1

de41223d38b5e0ec19936a57b1c8b1c84bc7edab
SHA256

cb6cf5ffa406dbea2cf137e97a3fdd6c04ef42fe76e09bf2f4cc837fd57a5c69
SHA512

cc66d69a6fce08933b30addfd2ed3d152dd24906aee835509452417aa32db1a66a973bb5f2ab2e096661dd0720a406bd1b88fc92cb0ca3b72acbe1c2806ea577
SSDEEP

24576:hY13cthBl8h0tcnyxrDXiXXMQvy96healOeX2rW6aI/jS1tCpFrwo0P5h1ioM0WA:hY1chjYQxrDyMQvy9OB0a2rW69vfZBQx

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Input Injection

T1516

Screen Capture

T1513

Keylogging

T1417.001

GUI Input Capture

T1417.002

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4966

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Input Injection

T1516

Credential Access

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Discovery

Lateral Movement

Collection

Input Capture

T1417

GUI Input Capture

T1417.002

Keylogging

T1417.001

Screen Capture

T1513

Command and Control

Exfiltration

Impact

Input Injection

T1516

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled

Filesize
24B

MD5
0fbcedf7eb852bbd04a881790de1b6ca

SHA1
bd6ca33c2a1f3270f21758c8dd4625862150109a

SHA256
bc3e72570745364fd906368609d9d106a9e82619e3cd094d8064b984c3579840

SHA512
2c7dce924b4b1e588de4ecbe7ebd8276a5dbd0bd1b8489d1cec473f2bc151feca9ecc857bfc8aadb263cf3ddf20c1088d0bfec086709d60cb6d933c7ba48e03c

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
79a78a889ac77185d6d86e152133b69d

SHA1
6c8472cb2fcdd8291030588f496009dd72f40630

SHA256
87521035189e06ef0559aa87befce60a0a6fed099af035b71b862888d13e184b

SHA512
2f6d860028ac371e03c81adbf3ef5bb38881d24b37e378a4b0fdeb7f76da9dc581f1b7ad704fcbdae383735303dafe4024ae036c787fd20607d75c341e83fd91

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
1KB

MD5
2cd751a7b817ef4d4d7e2790425da3ae

SHA1
dd349244cb77a0ab9a5c4226b07c1a6335e8537f

SHA256
2e67456be60f73035ca6ac55e99a1138e2804c43f6d9feff9fc363363f7c8623

SHA512
8fdb21d7a837d72fe890ae7516e191bc5bfed66ab48be0ff35a8903a19928af37de03284722d08cb0a8f00f0a239ab768e3856b9f8432ebae9c124ea067e4e05

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof

Filesize
2KB

MD5
628eec03f780840f2def04d5163fa664

SHA1
f7b5e1bd127121567d3d6310e85b13155f0ce7f2

SHA256
4cb7ad8d400c83416a4a2cb90f39875927d6f61b0c07721a5ef6696a5879cb4f

SHA512
9841e4dfecb1b8ab61eae445967674eda2450aa4eb53b85f1c7209c917209d9022647846d630d623490173057e15ed345c3fcd036403aae931ad3df926d3a9e3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads