5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
05-10-2024 02:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size

3.6MB
MD5

d836feab9d4bf3c6cf086bdc14724c8b
SHA1

c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256

5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512

8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP

98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
6716371db2d5f8a1ad582df133de69d1

SHA1
43cd906350e89bf7b49e64088a493f75508078b6

SHA256
ea5d5860833786599cd4bb50dce2503a3d492b5638c063a301f9a818eb8d99ad

SHA512
83820a0cf19b401e4e1d76739c5fcac5809adcf28a6269fa68111ea1c245cbd9c7716778d113de2ea4a245a65bb97e725aabfb6b0888c74c52609149ebfa2f83

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
dd6cff25dc4afda2bc8d1f01aab6b820

SHA1
0a2eaad74f4d5627dbabc0dea3603d2ccf153dbe

SHA256
5884fa13e8d10d5c01ab9f9a44f2547799f499c6ae7ca6674b9059f1c6b5e77a

SHA512
5ce1c983fd3d1ac72d456821ae944fbadc1a109a44d867a2ba6b085447d1637d7de7ef168fc19accd9eefeb2636870ec420d4222c2314099663a3e2546e83b3a

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8c5f7f90b24e1b7e3aa14d72a852aab7

SHA1
9b78c18b23a890c98d550ddfc8f84faf72619118

SHA256
1e6093e218bfb597c614faf8689af75abe264f4fbfcc77d05d01c5bca3f88490

SHA512
038aaf1d12e9b1e47dc2e4b532d8c109022910a1349d27ee5ec6102389138e4cdd58f6db4ab1815dc08f920a34ebb0541fe031f034f528d17e37d659a0183bca

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fce15ed6db4b1be4f16adcfdf9a71f31

SHA1
371efd87ecae28a6c2063e075822f5b9d9403109

SHA256
8407ef00f0f80dedc2e735efd52c21379b8316016760ac58e8b02ffb66b891bd

SHA512
77d9a5c756859906d2d65b5c82f6ac9c5c82fb9e11ddf622a7eed1d5b34b8d3e5ae147e39e55615e82ee04f35d8bf89383bc2934ea3bd0f47de0e3aa171adff1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7352e03dc3706db8d8b79b0215c1c258

SHA1
08488dff6de0098db2fc7f42b37db425733fb8a0

SHA256
605f4b1cb44635fd27127556303943546c7e980395051551cbc5da96e12a228f

SHA512
f40cc8d3f193ca9956e1d82dc7fd87da6610c29ec0f39434eeec58e0e6519c81ae78a97cfa821d3f485bff4743e50fc6c60999bccc1e5d086afd6659c5317b00

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f524f5fcb13e80c056d7e7f2c8c129b5

SHA1
edea3ae3aa3e378e3a147aa6c2661c26da0a4a26

SHA256
1af391208f7698aa53b59ac0f7a21815532ad5e16c39709e83031e61cfa2d773

SHA512
e44d62b878c9b1f5283836a8a644e2d339b9ff6e1ec96fd31fa00bdcedb84af899bca370948d7ac579612618e6850de974aedec9aec242599d11f6cfdcb36c88

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6f81c63d4f21c7ddd243d4d6c3392905

SHA1
b0305c54ab1f8dfa569800f8022da914be015cfa

SHA256
55d07a29f8e0a2db576f1be2b316efd0fe382a2e0a86373a89ab2104e1f8df8d

SHA512
c49d3bbefaa6f6c957bd0624456a5ee40a2954bc49fd97283abce2a88f7b4198aeb8c9192d58e922ea4cb010bd019d4fc431db1db2a515ef02ccc0326d6f6a10

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
5019622daa938eb56dcfa112fa477106

SHA1
2f7f7923c8401960fae88e3c9381fdd9e59e577a

SHA256
f04ec246d5b4320bbbbd86b13cbfa610b4b9a77ae72d5ce8e4fef4ff60c11c08

SHA512
4dd223e05c0819d3f427886c052f19c513b38efd0f899462ca9d6dc57ca71b9756719e5c6b3639a5f976393062e3bd1afa1245c081dd83f82d21ef5c339cecb7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
65a26ead5eb908aba03d43e4b1d0b37c

SHA1
70f3b098bbbed47fcce4e492480660e79d3ab824

SHA256
2ef19657aa7385a4f1d0b5377bb162244e702e2594ce78dc14d16395246fa661

SHA512
20fa00f444bc9b35befad3f7647471959067632ec4c50872a49bb4319e715964a69835bdbda5a76e2eff5ec646a9b429cf8a50d39468c5df6d3be09645abb1b1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
670cd04f4ed953da00394101655fd0be

SHA1
43a893969344ca70ed4ddcdcf08214332ecb48b0

SHA256
a772086d8c902e2ee60b4f645f5ed5d76e89bebaa07074ea0fafb2ba28d879fc

SHA512
c0982be633aeacb590bf59b0ac5b1b75f01ac0ecded4c923c7c9369c654dc2f44594c73122f8bbefff4212aa1508a29ea3a687a917ddcb12286ccdc981351f5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
76f0616f9731f9400bad2c4e44cf90f3

SHA1
cafac125021b9ab41ce5264cc3071582968a9707

SHA256
035455b8c2a79252ed099257c2e5bbe0e13a56b00564bf34871604a3a6b80992

SHA512
0cadd35aa20bc79379973bf7b7abd6e93f2de578acf470b38870672fb3306bfe02d3f82afcddd8c144ffdd58d7b4a971f9ec9b9393557f04cf0c807c5475255c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d640dd2c21666221d26ce1d729d6adb3

SHA1
318e546fd797d33c43cd528a189ee639a2c3f3d1

SHA256
eea54653e7affcc9661c0d17528f56a1d88de7de495afb4396e17cb820cc8a73

SHA512
3321c720418d5363b2a8f6ca447241b45b5a465ed99e6a551b3973f1f6355066cab4373b526b9ad620a7afcec7592abd0cabee45bda37266e91569e06e8921cb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
672ed39c6946cc9ce4daaa3f14a48a83

SHA1
80c812bff043a4cf2ce888e83eefdf448938f35a

SHA256
c5765aacc4cebfdc05ba4ff67035a01ddbf6cf28d5994e193281260a4b1127e3

SHA512
2764093ec4749337ee31a1a6647384886d77d00fd547d43d7d8feb1993ee38f9987d67d8e4d2b3d0b6abb56e28c14d3d45a610a1d90f30455809f85f8b8e0dde

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3994139724045589477tmp

Filesize
90B

MD5
1f8a2135779367208d05b8bec4408deb

SHA1
9e8ecbcb1cad8ca3342bbd357459aafd308b0145

SHA256
d2599fee343a4b00f8bf577b26fd1da2f71c0d4100a6b493e99327da3da0f7ba

SHA512
ff1f8afd2e356115d16bf488285ff7328bcb6c0914b1c6d21e04ec5c96dcf0198acb71b00db8635921dec034ae737b81f53e2fb46d39a3babb9fcdf89453666b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4086234011651671277tmp

Filesize
557B

MD5
a0995c2ca5d4ec6d0d8cc270cc2e99c1

SHA1
e2d7c62a6cbba29daf6bf7e71cf13066c06198a8

SHA256
065d1eca2b054bbca91d990d122202f2de10adb88cb4728f48e51ca89922dc15

SHA512
bf94c1db92bae59cd14bb71ec5b265ef314c6fb5946cf9e00fb66b91ccff0ee27a6d7d1e7d22f854a5afffd6092b73e78e44f239ef8b0e22b62d1f4c9177547d

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
43d882b3730a263580f34d9aac7999e8

SHA1
c08c0c7e6876642bc0c65e178ed64f055550569f

SHA256
95af29b94a7e03075a28a53ee48d1434024549e9d19f98354247cabc99f98278

SHA512
144a76980d4bdf7e5cdea541345fa878202b0a99b879403f64f13a22acf95249568d7d5de29d7fe6771fae0568bceb3379ffd6480bf97d55008bccb18b0496ca

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads