5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

Analysis

max time kernel
3s
max time network
138s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-09-2024 02:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size

3.6MB
MD5

d836feab9d4bf3c6cf086bdc14724c8b
SHA1

c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512

8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP

98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Score

7^/10

banker discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
PID:4964

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
bd5d185141ab23b4b8a17e6a17a6961f

SHA1
ae2e23c3055b768a80cbde3cc7a18fb54c9d1dd8

SHA256
b9f3711ebad0824619fa5d7693c3e462af2aa3233991fcb823a85d7f68e55658

SHA512
f6423f6176aec04b954d8b81f42e49b540253f1a0ae45bf38ad3351fcc2be849bc907c6f4b1d9be12f86f996b0a0ebd1d7c3e938e297dd8fbdc88a02f17079ed

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
22ff2cc8fdf9dca6b460c54e1bf935a5

SHA1
8f6802e2d7828de63a91698a25ef1c47199f57db

SHA256
7f2159fccebd061f9fc35138eb07de0aba851eec1f24c4a39d167cdbe7db1a5e

SHA512
3efb26f595feda3e245eef0fc6ba54d507e46104a924d33bc479d77f2afc8af35a1d11765994bd28fc5e9e1f4028b8ca451f0d95e50a05cf592f315674e3c07e

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit