Overview

overview

10

Static

static

10

2b8a6d34d9...49.apk

android-9-x86

7

2b8a6d34d9...49.apk

android-10-x64

7

2b8a6d34d9...49.apk

android-11-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    05/10/2024, 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b8a6d34d908965378d5a7012aba96a36db7e6fef7ec4c667a7c7d170695d049.apk

  • Size

    760KB

  • MD5

    0f19720451c65275fe385bb7cb7b1450

  • SHA1

    c19a8af4bca2b36da6ede50c53f3ab31ed8e54cc

  • SHA256

    2b8a6d34d908965378d5a7012aba96a36db7e6fef7ec4c667a7c7d170695d049

  • SHA512

    0c16af56000e815187b71a4723554fc27b89e0cd1fd3e0662b14fc8a1f74a05f3a7a03556e905571f1f46059f183a315dfd937864a24666fe38439ab92cc910a

  • SSDEEP

    12288:Hl/Asa1a8LdeZ9lUP87IEe5WmpYshXZPbGwidNpgt:Hlfa1a6eZMP2IEe5WmD9idNpq

Score
7/10
bankerdiscoveryevasionpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • cmf0.c3b5bm90zq.patch
    1⤵
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5073

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads