6de4ce17446b2bf3835f02adf285fb0069f0da7a6b97d0dee788c05e66462c04

Analysis

max time kernel
11s
max time network
152s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
14-09-2024 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HKKBDN.apk
Size

1.9MB
MD5

78ac548c918fb937886b3be2223ea4de
SHA1

c5ec09641021174b621ac47a9c7eccf6f620c180
SHA256

6de4ce17446b2bf3835f02adf285fb0069f0da7a6b97d0dee788c05e66462c04
SHA512

c25ac169cfa79d0a73002776a7913eb94b30b6be08b0158b187afd046d8fec5bfd0712dbbba2ced04786200281334b803914bccd047c3f0e29f557d447723302
SSDEEP

24576:cfBS4YCUAluy0WtQnzws4zuIjkf+10ZXpBc1BBP3sjQddthrflGe/RGatFg95UZr:0BSj4bSzwfDkfW0EpzRAe/RxFg958r

Score

6^/10

evasion persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.example.dat.a8andoserverx

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.example.dat.a8andoserverx

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

Processes:

com.example.dat.a8andoserverx

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.example.dat.a8andoserverx

com.example.dat.a8andoserverx
1⤵
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
PID:4506

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads