5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

Analysis

max time kernel
18s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
04-10-2024 02:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size

3.6MB
MD5

d836feab9d4bf3c6cf086bdc14724c8b
SHA1

c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512

8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP

98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5051

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
a57dce5481758918c4636b77f4720402

SHA1
a88fbc31380ccbf069465bae674bdab6e4830347

SHA256
69013b29e8f7d7b51c92e725da0ae8e4d874ca097493d58a80e3b864180f694d

SHA512
53d1dd168734db74ceeecec59f69ac7aa1799536034f85f584e3c23946d3afc2ab78ed66578583aea046376df334a4a52f06a6c0a82a6d3a420dd0f8241c01c7

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
37a9ed844690de55bfeabbe9f7d18340

SHA1
daf774b52c6379556a80ead6e098a54672368686

SHA256
b9ddab1bf58e122cca7c30139a32f65d0d64f202fb74ccf286d537210b1862e2

SHA512
d93890950310cf022cf11a71a42c7ed0c7943b3b646a56cd3dff35a68a9abe60ba50a9931e3bfce1fe7f9bc845747170abc088e70aa94f16dc13aa1e5444b924

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
dc7117a3a3fd534ee9d2e0ae7b8d20b6

SHA1
ed512c72fd6ec4fad942b4a516aeab30ab6fe58b

SHA256
2e4e6243f680a6264a418d23bc6e6f9577403c22497dcba27ef14cbdb4df46d8

SHA512
53267784c97a6a295c5ac26e923f7d757ff32b322f4dd5b5ef41138f625056afc7bfa7d8408f4c529f2e77211b11c42a6a5f75f35f3ceab7b250740ae14a5602

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
f700e2b75f14742b06934f96ad667177

SHA1
c354a28c1bdc528ca929dd51d624832487c3c0d0

SHA256
3d6c2b773ef10dd1e7b8008eb0da239b0d5092555e531c630004c74466ae25bd

SHA512
e1a7b066fe3a3dcdf360ddbc0ff3d5d93871f05295590408a867239e361f99a3539cf1dab618db571b5c637f1c0dda59476f0fb909ba3b5ea1de81323df793d1

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c425ddabb9b118f1fb251a6189c4dfba

SHA1
86c564e1ce5dc050f4af6f563d8dc98b7e2c2b7d

SHA256
14bc0e7a9a67770f0501995d17e053a63fdc3793c73b4a8659dbdb08ff4aabb9

SHA512
8a47c648c359034fcd0b689346f03110ead0e710aba45858ea608339da79902a5d244d17f90f2b27beb50b8844ae55671dceb64e4c3aa506777110fbca5663e7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3a63595a31f0f256de8572d479b41cd9

SHA1
58ab3713783f58c507d08341a70af88ec6c65d83

SHA256
0696f58172ee80e7f81f95c085af4acf1c2d15b3423b70a9c4ac996e6afdbe88

SHA512
b29804bc0a5440e47c89667d3a3314d5659a28f1a634ad6bbb30ffc535d7d3c289e39e9748bc2b74f7cdc33f607693a459df4d4548561b135e8588559ead33b1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ef0d4f54c6be24b36c4e139b626d4c86

SHA1
0bbd6b62d112376d3635de04e8be53443335a29e

SHA256
b674f803d28111e40ac5afde0c4c35bde4e761dc94399f690428684e417dbf96

SHA512
9134fd5693531d1f54471f6bcb47edd89b333746951132a80d08009dac3ee842431062aede18312f0880b6978d25459a8268844b19d3021de9225d4fa32608c3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
23645a3ea4f81527a8eeb7ed1144d332

SHA1
1f150a47573bbbaf24ea0e413d786a949c5f89b3

SHA256
db869840f70127d454a792331357fc06ad561952b3f25329f64a317e14499fcb

SHA512
b86badbd6a1fca7c47321572506b91754e2888cfd93508fcf1ec62470a58a6a5c2a6b5da39719c1df3fe13d8134809d41e6938200b1c8b02ee64bb765b4af05e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f871ff700510a56a54fdd56bc41b7541

SHA1
481548c8bc3254a00f497140278597b915460c48

SHA256
ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

SHA512
12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
605177428862e395e62e6770159942cc

SHA1
6881921a194c7fa67c82e1944861ebd3f1256124

SHA256
4125c28fa5c6e42cd792bf166fe735966bc3739733b697e80ba7140afa032455

SHA512
2a4187993f9db543b47eb860ccda443b6d68a98a65dc9f3dc9b3d613926af8d76e320d7a792e1ae105827348422bf0bfc580b799b58e37d53b97207e2eb8b842

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6ac54b8213dfc587e66c0ee016dda0ba

SHA1
725d89ed12a969f916a09aa0ca43918e652d57f7

SHA256
818958d430c8cadbfdcb5e8ccafb5f1fe9cf875cc6185893a7256aa0ec9714a1

SHA512
2ba5cb1cb540af54a59ca9df5193a3ff3c7ddc71b38dee5d896aea2544709c44e84664e7cae121e91069c28ef298912b584dfffbcaa9903a9e086308f695d8c1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
9f5c40c623d970cb913a7e81e06c2538

SHA1
85a419d1ec0776411306f1a4f2d0646887c5be0b

SHA256
f548ecbe246289ba1b06570502138bdfe26745166082a5c243d5de0aee7a199a

SHA512
5e0e58d78348f8cb3f8d9b6191510e305c0d175d7f6466538cffba21fd3a10db2148aad20efec0002fff931023a8c493de996ffd5f29ee313e735c7319274b5b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
af3a8a8ab02e3fd8b1a5e98233cbcab3

SHA1
38e0ccc39de75e2c377dd330dedc3ea9f93faef1

SHA256
ee07744cdb4b8e6d824bc73672d7b187ed55125d0031787307fe4150463fddf6

SHA512
ac84aad4b13992ea2b29fd2d489999b3845aa56e758b96993a2db00adcc8ac92f6d86befcfb7054ad529f9cab45099cb16bdf5f4340ebc6ae695ae1d0a61282c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e7c7a23806121377c38218654f7b5317

SHA1
5bc45bd2fdca549cdd1ca7aedde2288afb044f20

SHA256
c56f71572eb6c5e39b1360a476397ae61f434d300bf7bf32bf654cc92162b540

SHA512
c2db995b06f02f3d5a16460f87d3ae1e45901cbb7685553f7d244613e46d95e6bcd39a529a9587b901bd8d9f64ae216f9c101b377cd0ab8eb35677d99b2c71db

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
00dfc3fffc70cacc0b3f216d11da7deb

SHA1
890b5ba8dfca259c6b533369ab16f061eebd6771

SHA256
99757f614ba310a97e8eb857779833f4c4bea3a28a4ea81033ceba232be4b922

SHA512
eeb759cd3c38e24a7541e940155fb4335c287c3e07527c4ff7042c8732e90e7f9248e5c44b2e5df85bc0f08cd98ebb8d47e2fe3da731504c7299a1e7d4793a41

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1009264202380585667tmp

Filesize
90B

MD5
254b9649a0ac3d475da142e92738546b

SHA1
8db93728fc0aff47e5f92451e9c1e9644666d20d

SHA256
d077563380381e7f2503c43804de7e5856d28ab132ceec51141f9d98673496dd

SHA512
55f701ffaaa92a981093775d771433a1c23d0ffe920e89bfcbfc619dbe1905c9f896b47f4b35eccbec92a42b7cf1bb121ebfcb7dd8b2b1cc174015335bfedd22

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7333668548633906312tmp

Filesize
556B

MD5
fb24ed49db4ef413c9f28bc5ddc41230

SHA1
b7039317f0607f7ee916afca4828ff6595f2a11b

SHA256
2cb4d06f166fb4e35d529578c5bea076eaad27ceebff1f777a3f7f6d9f9baa18

SHA512
b247e5336a44d6ebec1610b96214172877991db5631ff9c83679747b911803053e3965992f53abdca4d20f9323a38190b41982241a8e66ab4b9cae0adc618f50

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
a1034683560227d5df088bd9082943d6

SHA1
e884daa09fb569ffb58be45277623daf29ed23ab

SHA256
ff23f5733adcf8cf5ddebb1124c055737f23d5bc751e0c5e54606b819d8ae10c

SHA512
de3e3b2b4f4582e7f91ab7d4eb7a3ba0b0636504f96004cf2041cec9e43b2beaecfb7ffd77cc566ed4c0b5134a32a421e6b4d300256ed564cd59f0d5b92fac93

Download Submit