Analysis

  • max time kernel
    3s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    30/09/2024, 19:06

General

  • Target

    PhoneGsmService.apk

  • Size

    332KB

  • MD5

    01a97a75af426381b0429113b58e8640

  • SHA1

    31d41a44fce67cb5d7f89be3bf7f7738809d90c0

  • SHA256

    8bbbd110a1330b215a61542bea03bb57aef775da90e9bb1ca23a30920f66016b

  • SHA512

    2430656d81eec233f432569f831e369fbe21074e25ff0c7581ebb3642fb1734b1fcb02be77be0f620f69b298817d10e4f50798424844ce1db10e1d6cbb8647f4

  • SSDEEP

    6144:emIna1xQ6yvMAuHLTaFPF+QduciTGPqqI6m3+PU0cIAmgkfo:exatyvMvva/+QQZTGPFDS+P3cI/gWo

Malware Config

Signatures

  • Checks if the Android device is rooted. (1 TTP, 2 IoCs)
  • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps). (1 TTP)
  • Queries account information for other applications stored on the device. (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to collect account information stored on the device.

Processes

  • com.phone.gsmcs.services
    • Checks if the Android device is rooted.
    • Queries account information for other applications stored on the device
    PID:4217

Network

MITRE ATT&CK Mobile v15
