Analysis
max time kernel: 95s
max time network: 102s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 06-08-2024 08:44

Behavioral task: behavioral1
Sample: loader (2).apk
Resource: android-x64-arm64-20240624-en
General
Target: loader (2).apk
Size: 4.6MB
MD5: 73fb74ba9966fb90bfc236a07c09d811
SHA1: a0efc7e17e96fc358d6abf5fb4d256f33c7c3167
SHA256: 4e36c337abad2290f2c4e262f6e8afb34f6f33b0c3af5f4c055bae2e09f18fb3
SHA512: a0c2ae2913960d2f8ef869668c7675960d01b050b77be206d95642f1e5c023d55fe628975cef863fd2da2ce1115438e41ca8b7b88f92f8ff5dde6010261deb04
SSDEEP: 98304:f3rXB9X74RLSmEoyee+nNOmz5zBy2Tr0tQqeTmT:TXoROoE+NJztUGq
Malware Config
Signatures

Makes use of the framework's Accessibility service (4 TTPs, 1 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Process: com.hose.nathan
Description: Framework service call
IoC: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId

Acquires the wake lock (1 IoCs)
Process: com.hose.nathan
Description: Framework service call
IoC: android.os.IPowerManager.acquireWakeLock

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
Process: com.hose.nathan
Description: Framework service call
IoC: android.app.IActivityManager.setServiceForeground

Requests enabling of the accessibility settings. (1 IoCs)
Process: com.hose.nathan
Description: Intent action
IoC: android.settings.ACCESSIBILITY_SETTINGS

Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Process: com.hose.nathan
Description: Framework service call
IoC: android.app.job.IJobScheduler.schedule

Processes
Network
MITRE ATT&CK Mobile v15
Downloads