5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

Analysis

max time kernel
17s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
04-10-2024 02:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size

3.6MB
MD5

d836feab9d4bf3c6cf086bdc14724c8b
SHA1

c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512

8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP

98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
a25b0fe1451fe0836ca5edd5492786f1

SHA1
e83162f11463d54bcaaeee009dadb10b2f697402

SHA256
8046bfb78c3835d819b1ef6799bbcd01dcea198aa6ada6a7f00edc7d88be6c20

SHA512
4c149d531e7d34c58e055252d78c5e118ada6b7d8c581c48cc647c372d5187b9275965671a9427075b088dd42dd6174f904d4a611d0fd63a777cc26931bdb402

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
15e44c61fe0dbad6f09caa7c1189245c

SHA1
d095484720e6cf3b4e28a2f18aa5547d5ecfa64f

SHA256
1cd5306a748328a1bfb14de0b14df612e2f299dbac0650a1c65539f614a87445

SHA512
9f8c3af93388dae8da144492ad79fd297dc69121eb9a99a2613fe7eaa4c85dc46ee27de8d849967d4654e9e5091a42e23d2769c57bbe4f13fe54494f6f7b91c6

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
512322b8bc582bd061215df019939186

SHA1
bf780733b390579ef3912ecccb8932dfca398d69

SHA256
eaab7c0394d0140854e51f55ff946f19d72109de820e4254a70e48b88b4bd895

SHA512
d970ab4bfeabbaaff0548ceba5dcf5997d56915bbfbf6c8cf0f2535746265c422edeb164bc2f74ba1f0d45f0677cc3d50a362b6d23d1fd841694c6dba887b68e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
057c78c9039d3a7bd04b4149f7a7cd20

SHA1
16f61cbe28d22fd4ba091355d4ea6c360cebcc81

SHA256
6642178e0a925db9bc8adeca115808ac9d04d79c437326a4a1ded8e29b339c95

SHA512
6f289906d3c060ac63c143634c51ef0b96ddbcc32c05cba096655a8428ae3d6628fa4f44ac0a91f4c74de9ea33e6bf0d1c0773cf20fca67030da68e50245c8e4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2d38ee05d663a93e7dd8196926522045

SHA1
e06424312742439a089ba0aed538637f85a85d4c

SHA256
42d4c1c98626f3cf47b2da3535f779a4ecb593393b90c2a93b3ed583925b0f93

SHA512
b493da83ce6051747cf7f917b2704ed668aad83eced49c60db443c0ba1c20417e5ef37e22d2fdbd4d8b5d82bab79f4ca6a03348e538c940b3dee498028a6c914

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a9b66579b184315fbe194487870a51cf

SHA1
57189ff67b04e6a164efe80075b3a198b059008c

SHA256
10cc987e4d1c16f79e1df9f7141bc95720ae34bae2794e0234e135af62ad8e25

SHA512
49d52b2b077305221b306369b782544e081934f5b414db422224bebc0159538efae4c0717758ee2a5851660f92703b31e719c675a5e7af2cc0687dba0327e970

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4512d4b76abb5e0aa90796ae1e90cb1a

SHA1
68032e62d9c4d17dba2ce0f6dfcd8349219ec2cc

SHA256
e33d997ce0b553d347db6746c148dc27ea07b67da8ee2b7901aa634bfc491b5b

SHA512
14bcc15f226b6574a46bd6662406f32b208f8b5ce6225fd44548f428885cd9ebc223dba12c4e92da444d61bc98230726097afadec9923f1aeb34e4de90ffee20

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
52fbea69b6d683e8bcc3a9a2952ad7a6

SHA1
35f8b852ba1cc85e9c3ef36901ae993de985f043

SHA256
131b163bedea294fcb0b71d02ab3f3ade0ee71645e4eb20bd6254ddb600266eb

SHA512
589d3543deed458777062a3c7074e514d8eed53cc2725bcb9e8c30c0a1dd89469f7b380ffa00777ccaa62a440c06f63c50a63d1c0042a93a8fb86df19f6ae621

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9b9b0ee3a1ce1ba9dc8ff64e916d34de

SHA1
a6a62325952b44907b4332d751dbeb206ea3dc9d

SHA256
9fc8a5571496e9eda4a4e19e9ca367ae6d6799f5b284b12674aadf24866c5b20

SHA512
bad668a67d772975ceeabbd2b9ae3bb97438ef76d34e5a1b887fcdb3e58c3a023078be3bba15720970f5a843873a5e39f75589a173955a7fb54d2b08686a3cbd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
58fb25e3015cf606ee16639998ce7952

SHA1
96ed8bb0b8090f75f1bf6c13f7e9915c43cde715

SHA256
d52000e5775c9a566e98731811cbe0b2a9279a52426e8e56238e28e851ea884f

SHA512
7268a86ab69e5f0c65876a6e6bfed30f2705d994bb6e218b234664334b14b561b30bdba42a29ad3aa83b5b0552ce2571d0ccd79a5d3a9abbdc870384253d76e9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
92a10855dfe95236fe1686a163f8d19b

SHA1
73ed89af1c5915ccd37a8d761ca8a26e59df9b92

SHA256
5720916c8aa50fc6d8da9dbff29052cc0b15ad430c86c4cf9bfa728bfa4c6a31

SHA512
82bf5eb92bdad8a582cd89dd40f13f32d3982e3fb71078cca7120d64368746d347df81eafad485331cd0e30d2354eadd982a59c8401e8dffd494d06a80e671fa

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d41032cf9b8836197af7d07efcfbe13d

SHA1
e148adf6a0a8d906e0f3d6b1b74368e9e1301d36

SHA256
bfe52302cace3f5c66e0ccec2205ff2cd8f22e3ccb424b805be3f4ecdf5a18e1

SHA512
69704651c2cb2ff8a87889331edc44187692547714acb6d1def13e806b28c4bd4142aeac58ec92f11aa3b949643f3fe11ec65ada0ae86f6ea90bb22b8bb9b04a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
dd4727e4c0ebbe5c00e88d6f7d0a984e

SHA1
bb7d41cc7ca9bfb8b7d39bc47606ea13a851ccf2

SHA256
83c0bfbcaf2d6ed067faeafedb47dfa3d568e7ff9463a2a09543dd7368250820

SHA512
b3cdf101f1ce6afab17c88b12298a8cd26c1b75b8cf8bf8644c0e87326065bf4fe0dcf9ea2dc1b0052c5d29865451c053f714a21f17bf2a4a179d3a7acd1ef41

Download Submit
/data/data/com.systemservice/files/PersistedInstallation116922874529132589tmp

Filesize
90B

MD5
a51a9df9be90261a1660ef252ce76a92

SHA1
202ce82e0adf1b33e677f35170e76eb91c921fda

SHA256
1ed79791ef5f58597c8315a78b8a5a0f0256e5aa519b016265152bc49bb13b49

SHA512
7caa6ceab424e0bc2923e41658992338ab0430e73b75eb7e609f8cb6084907502f3226de27f045bf1705067620704ae06833521a750bf2a7cfcff6522151fc76

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2885347862832042463tmp

Filesize
556B

MD5
0d6f09aabf3e6c71626e760437bcc4d9

SHA1
a33fadb603c4442c1a7ff2e17f5b8f839436e7ed

SHA256
614f602846405cc9bf8043ab6c7c6400c4fa465d9a588e64121153eed465e9d8

SHA512
5ae4ef63493fc6586cf42ed0617498a991fcf9c9a1d56dfd35e44c00d3c9734bc2c403abc2120695cd7cb1d3f46fb2da4491d0e37dfa87e2823531fc15c5f3bf

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
e85d0c18e45bb6f622512ba43fe59211

SHA1
1bc19886847eb176e81d73988d706a078f8cd270

SHA256
57017c50aac33000e13e9cb36aff3d9e76ccc75701290ce9646cda3379de6e0c

SHA512
da0ed844bd807eb3d57e763739cd90bd305ed7142619a26cbf929d5b7d4056a8ac49588d20d46dac3b88ddf0a7f4d88587a54e467175fcaba496b9c066fe7c42

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads