5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

Analysis

max time kernel
17s
max time network
144s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22-09-2024 01:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size

3.6MB
MD5

d836feab9d4bf3c6cf086bdc14724c8b
SHA1

c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512

8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP

98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4251

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e4c49570aa537c470fdf9f32679f1185

SHA1
a67a211beb6eee25954ff4d22f0d655ff9c59e44

SHA256
ad6d0183f30ef2b806112ece2c4da233ba73e0bf23af880ac58ebb22672fb832

SHA512
b7aacfb38fde4503531eee9854d5e58ef32ac868dfabe800165ebca14a537cf31cc7d5112cbf52039a1c1d994b5e1b94a4b89563d984864dbbf82fa1e922a2f9

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
9d0770098dd444dfca8408c0c80e62e0

SHA1
aa24fb0a5fcfeb249cbd10ddf2c83e5a589c482e

SHA256
1c8a85daccd87e4d9641c9af209ed1517f925ebe21d8a4f70641bca1a7ba755f

SHA512
c5d6881221062abc13be05c7017f138d7089c2860a297fd5fbdee2fea1cffccc7286279fa27ecc7ace2f02025e40df3da3da31bee06d26376c365910294ad766

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
31e5e19394f699d9a7d4f8d888a42eb5

SHA1
cc2a001bf718fe7ff1d7aba31f96c2cf59ff7fa1

SHA256
928a648796b1236af188d32aff0baf003a3101ca2c50d195668516861a866c09

SHA512
a18f33c7a52ee26f2e9e3d65834f4cbf7e45323aa9dcf7d48e91019bfa2771621a511c80009a707e88fae702579a0b90c72ba873bbec7810a9752b3a65110872

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9d88c74b697c32633c2f41548f301187

SHA1
708102a9aed450fefc5e4b98caecba2a05189696

SHA256
9112ae18f2a89dc29fb93fb47149702b1f8545a5cd2f9613139f2860311af719

SHA512
23355d331869d86cb8422e7ec00b2b1217f43eedc76b0675c5cc0fb9fe0dbd3c067d80534e5fe14a9f38ec9bdb746a20cd9e38f69b7f853d2a02b54c91faf0b3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bf2ff738f0aa5d3f97b0f3cfccba3177

SHA1
d217f184cf2ded31064504f53186943e3d3d01ce

SHA256
d378a838d9f393fc43135c9f547673e1a20ca59f8183352ac93d06cc301f5bb0

SHA512
4d6ffd0ee94f91cbbb7b723553723e144360be9a67f2fc3c71c5f46a13739580dff64708cdd55edd8e9dd53a2e86003b072b519fb6a77d353c6142113c6d7f66

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dd7108e83b320431d2c921aef3188670

SHA1
035a148d6595fe899d1d570c1d07b5182fe6dda5

SHA256
8166f57bc871a31950a52da3b290f428c14e81d1e81907420d4b76621612259d

SHA512
e72e8d6f77304c0bff15afc120353a5ba0625a2dde8c8fe1dad6f0c0c7125cc6e8af1574ce792a9e7b4c348ade7d370d99a8d575cdf107ed98bc91b9ea5b63e3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d65a4fe4c05b818316de3126b8d9f2a6

SHA1
41e1814af943cf150b172cd43e48d25d9a39cde0

SHA256
6d4e1baa312cceb61425eaaa7e66701715231f7924c6882bce4addaf8b9b3772

SHA512
cb5915a4b7f16d42febe6b66e37eb8112ed25a045b11f4593d3e5331b725217b2af1d572664568d2b2e23ac0ca199879bf5968d18882035a01f6fcef7c96d470

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
55fb5d40b15ade29eaa712a4e1b2bcc0

SHA1
67ca2d96e70077489e8f18d115031f90a5792416

SHA256
fdc4baa57e2cb2d38b5b253d9ea99c280957117dd29a4c54a80b4e0331cbaa6f

SHA512
5f222c9567f98f6bcc005c8551fc40671df4344b2887399b6d4192715777acf63e2097922ec182468f846beea3ef9359221cbe760bbb0a1dd340014c3cfa8b22

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2414ee3be53747fcc191c7a081503cac

SHA1
1cf3f64a4e144441978956edbed474058e775d9f

SHA256
15521e30d9d4755089afb6a2a78c603b85b046103f1b1f249019ba9079d124da

SHA512
26178d8ae8e7ff311cbc9cfa0e956c4b41bb740258c766103a5b8cf881a0075f6100bbee3a4aa24c84410871a1f06ecc1ef1b0a2ff5bc5567588b73a3e2a621a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
662c7d8b0608f8f503c985fee9c616d9

SHA1
33745e8406874e19791c8dbe4a469439756e2fc1

SHA256
8cdaee2e10a052c511fc0e91e8417510327c91bee995d4716312aabeda2ca67e

SHA512
bbcd983b4e6c33be1bca5e9744421f45c95b1c533e4fcb82a33fb8ef30714478b7418ed441feab2fc0793b49737acf09b5f163c47f667146a16762b31cae29dd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d4c6da9116806dd221e0a31cccd5a9c0

SHA1
d86818ef7df4409fdc77b64470ad60d4e4c3f10b

SHA256
a136b6dfe6021007731b91f95d1f7b6c2739ff8211f3912a1f829e3f1cea4830

SHA512
aa060559dc506fe46f389171ec099c403d49f1ec6a550185fd56697a60a3578f17c0bcda485ca07ffd0f156c6eab60d287f692399521e178da078529675febd6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
eb19476c92ce48903c0f026f263155d5

SHA1
82c4be82a5ff24968596b20f3f5076437087c7fe

SHA256
bd74a5a7f4bbbf497f9122c76d37cb034bf219d8986d2dd8bc7e3f027682a9a7

SHA512
c3b47db83d6c329de02acf3d86972960127494e00df4082f3792862a89b16c7ad97895b6bac5b4abfc6955f6a89b8f01391cf45915f5d324d0b1b8e8aa4087d4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
377aa803c327cbd2887bb5b1c18ded94

SHA1
421b0e4db24c2848f7591f67c1723d315eb50f49

SHA256
ff23d88ee7a58108155bc655127ac5aed8048a0413b351f6f00e585f495e203a

SHA512
1ce4373a2e249d86ab15106a6de0f5ea25c9a33518301b139c02810c28d8c22195ba71f1a8323667b0413dc7fa1fd67eb7eec3065a30c92a8514fcbb51d0cbc4

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5825424179914252691tmp

Filesize
557B

MD5
5284f8101367650d2a5bc0d7b2d0ded1

SHA1
8ae5b09e83e6e7e3f0e93492fae9dae542c246e7

SHA256
bb48bf81c4b9700c6fde33dad0b6e24ee50e5cb69edd3eed81892ca91ca440a1

SHA512
e35c81c247789e0dd3585361576d5a87b08b05e474e3a679302ce506fbfc2183056c4e88b68cf0135cf09ec9f939abdf0c74718eb02558ebc55aa82937699a98

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6832747156426405626tmp

Filesize
90B

MD5
027597639259b32f646877b4020b48e5

SHA1
72ab5851e420c8472d6533dd229677efc7ba9d21

SHA256
f4620f17af78df115a21984d048cb6eeced61a6e3c53eb50650d7ce9f6cead43

SHA512
683c481a5898d66c227f0f1d969c2b3da4310f6c7c4ea5d2a7fd72de21bf1b4818f64f3bb72d6034729b05b5a990494054addcee9affd1ecbf93e62d69baf366

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
3e5123c95a26a0e1780de7906ae4d6d4

SHA1
a904e9a938d31a845be5568dc6c71a493f48347f

SHA256
4e938b66a32e1f89542eea03be5ec5dae9c1fb8a07166344d6bde3bac7cb81cd

SHA512
fdd061c9f4441b91ab2958e39dd7a392fe349ff05341aab0d767003e9f1bee4166b7759fe9a48216d9fa383104f169fc147a5860a07f97dcf297199c1e8a920d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads