Analysis

  • max time kernel
    273s
  • max time network
    275s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    06-08-2024 10:29

General

  • Target

    loader (2).apk

  • Size

    4.6MB

  • MD5

    73fb74ba9966fb90bfc236a07c09d811

  • SHA1

    a0efc7e17e96fc358d6abf5fb4d256f33c7c3167

  • SHA256

    4e36c337abad2290f2c4e262f6e8afb34f6f33b0c3af5f4c055bae2e09f18fb3

  • SHA512

    a0c2ae2913960d2f8ef869668c7675960d01b050b77be206d95642f1e5c023d55fe628975cef863fd2da2ce1115438e41ca8b7b88f92f8ff5dde6010261deb04

  • SSDEEP

    98304:f3rXB9X74RLSmEoyee+nNOmz5zBy2Tr0tQqeTmT:TXoROoE+NJztUGq

Malware Config

Signatures

  • Makes use of the framework's Accessibility service (4 TTPs, 1 IoC)

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Acquires the wake lock (1 IoC)
  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Requests enabling of the accessibility settings (1 IoC)
  • Schedules tasks to execute at a specified time (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • com.hose.nathan (PID: 4456)
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings
    • Schedules tasks to execute at a specified time

Network

MITRE ATT&CK Mobile v15

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt

    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt

    Filesize

    21B

    MD5

    79e3ecb9a6ec0c04d8fcdad4a537738f

    SHA1

    3817d862a35434e764f80bba3d53bc47abcfb951

    SHA256

    0f8a63db0e731c9d681e0cf08663f21033bd2aabf985d3d92e83c082df88dc3a

    SHA512

    3efcf89faef098f100d1d953ffd4f45661e1ece4ed48f4ec864b0ed40f0bda8e911af704d5d19c3eb880e83f01e4ade49d4cdb1a2ac8119cb5cba75603bb025f

  • /storage/emulated/0/Config/sys/apps/log/log-2024-08-06.txt

    Filesize

    57B

    MD5

    e3ac49f4e5ddf558b13d05ca357af3a4

    SHA1

    12d8c8e12f501efb76531490027ccf02f13d5794

    SHA256

    350a68242e812b5510bfa3b51dbd74f3cac9fc1d0d7176c1ded82ba40b507dfe

    SHA512

    7b7ff925826cee3c7580979d0a72d4fc0c06d51b3f4c40bfaa68d7a5fa5cf8b7e1dc8d19689dca7d4f8a583c1938a1034057b0f7430e4f36681671ba5ef9d220