2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19-09-2024 02:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk
Size

3.6MB
MD5

39fa2c58237de702fc3458251f358cab
SHA1

16e4e5003046f5d07a0fb1eff0dad56d9ce53be3
SHA256

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc
SHA512

023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126
SSDEEP

98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.systemservice

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ed91edcf28a95ec5378af4dff098c134

SHA1
4a9f69dc07d208393a04df9fec7342652eb92a53

SHA256
cda1885f95bcc288564c7f6c77167e1dcb6bd550d1ca81f8d76149ff3a3ae200

SHA512
d950ada5705d15bf51cf5efd499459ee8db5274fc9d5e48956128ee2de7ab305c5461bc321f7a25b6bc03050bf4d8e690a0c3df654bc7ec6816b818af94ae3f2

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
f1fc8ca07c94d14dc25d063a68258938

SHA1
5438ce867e2aaef488d2605d73abac5f920eae44

SHA256
0a07c56a97d8d5ab8e40fe81d788f49823d98dd7f5f0d447962845b97a450c8a

SHA512
f2f5078a7f27e15f9b9da40830f64db283732858d2577add8bdd7180ddf94eb6ebdd100ebcb87dc3e0f6147e7b340543bedad213cdb8592ae54c7cc216613f42

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fa2fbd92dfbdde1d358d4db4f3902132

SHA1
13bd75921662e54ad32af6922105504d0876432b

SHA256
3d8349bd7a07b19948242caf98d8942af9939e9ce894114272757bc1dc94d6e0

SHA512
71ec58994fac5705dd6bb159f63905de5767a282732f1918fc34304b51500819f91775ff3c7c3c5b5c76cbb9eb8036f91033a7dc49f739e91bc2afe04a5cb725

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2e94f57143b3de2d7e014de984507db2

SHA1
9d1f257c174ef89538f79d2503299370433727bc

SHA256
0708a36843ecccbb04bb0d21f6f42b546342a9cf1f46dbe878e17ea0b599fba7

SHA512
3b1ce17739c482939f2f297597a241379a1e40e0edd1afa22a76b68026b7703b9d52f24b1704daafac6c58d5e87a39a098edb2fcf3f72f24092a2cd5aa90dd43

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3fa501f05271d1e0ba2b9e582e0c083d

SHA1
0a0856fea30de2e84c05be12d64ec727771e5aa3

SHA256
f68e94da38a089c3bf01a62cf54850d6d7a4bc4daf74654945732299df34507d

SHA512
0bacb8d420be0e057ca0dfddfea1d2003766dc23e004c3da4773402a45713474cc945dacf621ae6ad8a602929022f591a37650b1705d9ef7e213852318230229

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7eb1dfc6dc1ce79dccdc60857340cae8

SHA1
2e52d1aabc734a90a51d75af8873920fc0ad54a5

SHA256
98b954bdd5d40910ebd555929595fdaf396351a947d5e2a80901f7f0af1161d1

SHA512
cffccbb382d02752aa2ff36d72113d12aeb65bef882e8460080446a9882a4df1b7464c3ba831943a71efb494c731727babfb797bad9b222808fdb5c99a571e97

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
09ed24a4bc56f3cf8905728a8db35ec6

SHA1
b95921e767441dad5957521063077b647148c825

SHA256
7e33875d578824fc76acd847897940e58bedb7c9dd681cb329726c7186a8f1b0

SHA512
697c07928b0d7146fe5c074585367dc50efafb6c4fe4c3ffd70f923cef0cbf10154bffea7349dc3d330471cd586ba78fde1d4d521e13223c2ade71acd5375cc3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
05032674e63f29a1252626ad7a8da275

SHA1
92496e43c2fc5fb2432ca83ddd3f4a2e1dda1dc6

SHA256
5796feed6ef355d4c46bb0a3d961e1ca5c8104705ced4ceaea29a40bcdee073e

SHA512
53d160e58263a330c9c8d218bfe70bc76c98b159f0f039ae49558ac8e5fb7a96513b538341de703a601549b9e3b698a225db62beaae00679c6814591553a012c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6abc0878d59af87078e36ed8777db59d

SHA1
fa0ed3e937f3d943dad5d82df9519bef5269a744

SHA256
3855b7ee13422ea348ab31bec2b35017a91492290c0c3047444f3919fc9e02ef

SHA512
7cdb978e1b1e24b12ed75ee3e0175dc0e3ad1d66a24b1a5f5c8e8fea18e3c3a309db6ea694bad5b6a477b1c775be59d7fd7548676d9ee21098dc35b849d906d1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8b6af1b0d5b25335b7d9ae4415fd66b4

SHA1
07f0e33b1e4347c8a7a46df5b2798181917c9ff8

SHA256
45d93d5bb210d47da774115034f72e6dbe4925ef2d85ade9de06463d23087ec5

SHA512
8436d3d76f8203b8bbc36db9bc27b0dc5e3242f1123b037d9c594dfb7399c79d738629f0f73a72586e0111c5bdcd7219b990007f8cb09214a6755ee19b12d639

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
33a2a6fadfadb09f2cecadf6b859e18d

SHA1
65344d391af9724b0aad458f2ce96ab8590734da

SHA256
064e128972cafeb29ac810e556f74d248d40a6e54b79728c9b558e992f08af1f

SHA512
2289336c95f9963305b1a540bed4c53699aa5e6dee5203f02385a0dfa62a4d28970b4eea92853afc1626fc4072e5d3dde7314117c5bb4a6e964edf724d9a16c7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9c9306f64df1045af0711ae1906dacf5

SHA1
fa670597fb475c644ae585b24194813610c2b2a8

SHA256
861d7362653fc42c8e7184aea832a3e3346c315157b0053a15ea35229a8eb9e9

SHA512
7ee39bdd6cf6e8405a27d936eeef1eb210ce909147fbad55421fbafe1f7df91e0ac7477fc60651676d84cedd9aa790971c306db4ea19c52e068f16dc490b80cf

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c507ba5f4033541bb6729e76c23dfaa9

SHA1
be2fbda4283d8bf126070b43e79fee36099e0adc

SHA256
cbfe6bfac0a2498ad6177c458616a85582a829b8b1527a7982e50d23e1fc4a83

SHA512
05e7dee0c0bc23d61a0d3f6db10b45a9111bd1e018dd9443341b057d0fd16a98f762da47733b40d889e9eafe0913e0d833bed83f8ff6e4f8bf48e32b3b08c5fc

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3203989368744419229tmp

Filesize
90B

MD5
052064a86e39a6ba990199c80bb997c4

SHA1
cb73781f1be82edc59e38134a4065a8255a4392e

SHA256
fcd7f7d0e47d7e342cde56f591affb4ee3853cac104305cce40fd2f14f267764

SHA512
9bdae72dfc2adedcec92d253395c5759adb01bb6e45ac4cb5910efb20e95eb2728271bd2a3a143c898f801eb839ce5c0564bfb50676e9caec04d1dd2021c2a9f

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5100313363391910240tmp

Filesize
554B

MD5
df0b49299c7efe346ac1f28884cce722

SHA1
07ba4d62611d446ec4192fe92ee9b34c02246d04

SHA256
8c7a17c26e16a8709d68334e7a6bfef147e2eed8ce81ecc96c0b1c3aaabc7cc4

SHA512
8ce0426ddd7afdad8dcb3970beadeb5053cccd208ba9422f7c588c8fc1920a9b4c976e8693e18ff2b4d4e0a762e496dd1253e6a80b5265ac500b7e4ff771c36d

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
fa46b8111c7ae916b2eb5478bf976b44

SHA1
0e2c4d8556f72d4518d0b232ebd7c21eee2a4a45

SHA256
21229585d351095f8216f902627b27188ba06f365c33ff20ff9a99ac43990208

SHA512
6284c5ee40564769b6ae5c41456672f10cf06d516a14ea73bda7c399d5a5114b41012dee03fd6e415081e7c034d8e02df6454efdfb6d2fae5fce4203e3c593a6

Download Submit