Analysis
-
max time kernel
179s -
max time network
140s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system
-
submitted
07-08-2024 15:21
Behavioral task
behavioral1
Sample
7296ee350b9b49c00a9f5fdf972d8940e651201e9badef15d2f800b8344aef46.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
7296ee350b9b49c00a9f5fdf972d8940e651201e9badef15d2f800b8344aef46.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
7296ee350b9b49c00a9f5fdf972d8940e651201e9badef15d2f800b8344aef46.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
7296ee350b9b49c00a9f5fdf972d8940e651201e9badef15d2f800b8344aef46.apk
-
Size
3.9MB
-
MD5
023d23eab042dc54c4fe9237885d3ec8
-
SHA1
eae8be7fa545aa57ecf6fd3f6914d14039b9d107
-
SHA256
7296ee350b9b49c00a9f5fdf972d8940e651201e9badef15d2f800b8344aef46
-
SHA512
ddc786793aeefc4efd0c936959a051aeca8e5c19eb4fefa02fa46a6b8899e1d6165e912feeb2e68ef300ccab9c369755bebfd2824b62f34ce9e443053640f2f4
-
SSDEEP
98304:gSCol6K60YEJkf89G6gOmzezBiTK0tdaTCQ:grxEJxgJzbpE
Malware Config
Signatures
-
Makes use of the framework's Accessibility service 4 TTPs 1 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
Processes:
dg.items.trend
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
process: dg.items.trend
-
Acquires the wake lock 1 IoCs
Processes:
dg.items.trend
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
process: dg.items.trend
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
dg.items.trend
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
process: dg.items.trend
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
dg.items.trend
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: dg.items.trend
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
dg.items.trend
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: dg.items.trend
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes:
dg.items.trend
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
process: dg.items.trend
Processes
-
dg.items.trend
- Makes use of the framework's Accessibility service
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
PID:5057
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
25B
MD5
dd0fadce39692684e17de7983b5eeb41
SHA1
1e75ad3b165628a6188cf6ff0def2a88a4b06e04
SHA256
4a62907018224e1d555fa84527ee092c94d259f4890826730a59285d43a6d05b
SHA512
841e946ff545169a403b90da0374bca37f057b0414d389967ca6582e511946f0b920fed96770e4a767f69eea990939a5f4b34e208512e049b790aeee9c700604