Overview

overview

10

Static

static

10

8fdbd260ff...72.apk

android-9-x86

7

8fdbd260ff...72.apk

android-10-x64

7

8fdbd260ff...72.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    01/10/2024, 16:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8fdbd260ff78dfae55ee426bf591248c398051f22017d33c8ac56ebaf1177a72.apk

  • Size

    3.8MB

  • MD5

    92ccfac60e62f64d51f54ca06faa420f

  • SHA1

    9706a6aaa6613b2488a6c4376092cc0e482ee4b7

  • SHA256

    8fdbd260ff78dfae55ee426bf591248c398051f22017d33c8ac56ebaf1177a72

  • SHA512

    45af153d0c4e8c7eb4edd5a374e3f93f92901a9192dbff3ad8ce83b8a06d66dd57a0bf7713b1f1c2d3f8aef446cf9bd7cb2b358a468922ee7136bf178c36b0a8

  • SSDEEP

    98304:qJeZw3CCh6/D260/iuP2FmzpzB4TM0txB+ka4:qQVChqDsiuP2ozIfjk4

Score
7/10
bankercollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

Malware Config

Signatures

Processes

  • few.critical.match
    1⤵
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4964

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Foreground Persistence

1
T1541

Input Injection

1
T1516

Virtualization/Sandbox Evasion

2
T1633

System Checks

2
T1633.001

Credential Access

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Information Discovery

2
T1426

System Network Configuration Discovery

1
T1422

System Network Connections Discovery

1
T1421

Lateral Movement

Collection

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Screen Capture

1
T1513

Command and Control

Exfiltration

Impact

Data Manipulation

1
T1641

Transmitted Data Manipulation

1
T1641.001

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-01.txt
    Filesize

    33B

    MD5

    d6c0bf70ca8cf5af5036c42880e8c555

    SHA1

    8c85f9d016f01855432aef042e66ba2a67fd6825

    SHA256

    3dca3120562c8be3f51910e258e40cd8f3d16f98a630f09811b07227c5ee9bd7

    SHA512

    3626bbc9d6b4e65e65830ae7c1e3d4adf7bbd5ee811f0b97ec49f6f9e4331ef429f5074fdb556db10382e3636d70f3f9512773fde77d4e6972cc7149ee377f2b

    Download Submit