Overview

overview

7

Static

static

6

doublelocker.apk

android-9-x86

7

doublelocker.apk

android-10-x64

7

doublelocker.apk

android-11-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    09-10-2024 04:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doublelocker.apk

  • Size

    359KB

  • MD5

    85cfbd81ff6729927c968fbbb2d1d84d

  • SHA1

    01d962f809ae061d1895cf71db9eeb07900929b8

  • SHA256

    79e602a062d05fbb1409afc16e6d41ac0645576b2b5c1899dc93e6852c30a71f

  • SHA512

    26b24f7ee92e1185aa9f1160582c60cde8a814732dc3d293085eb0bf14fa48efe47f182d40d2bdb06f83f62e505ef542d5a042f2d2fc037811d70eb3c5865c86

  • SSDEEP

    6144:y4qHaAiB3RywInnBfnn3wy+bl/i2PNSlotYLAynYa9Bv1Mcq:y96AG3RyFnnBfnAy+bFzNSqtYLAyYa9a

Score
7/10
collectioncredential_accessdiscoveryevasionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Performs UI accessibility actions on behalf of the user 1 TTPs 64 IoCs

    Application may abuse the accessibility service to prevent their removal.

    evasion
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • owd.qusutsqfdo.mbpepvxhxly
    1⤵
    • Makes use of the framework's Accessibility service
    • Performs UI accessibility actions on behalf of the user
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5064

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/owd.qusutsqfdo.mbpepvxhxly/databases/init.db
    Filesize

    24KB

    MD5

    7b66de8889349a7603c3b834b6ad2395

    SHA1

    99b3bc77cf46409d5070055ed32e6d79f89720ca

    SHA256

    23caf1932ff56b122789f557fe2247188b0483cfc49e93e1bd08f60fdfcd6ddc

    SHA512

    59aa963b090e544bcf42c3ff09c138f1f301d42fc2fb21d27446d41306de877f8dcccea9b957a2d37401fab0d8f3aeede6d09ac087e6fbc528748adc43792ec7

    Download Submit

  • /data/data/owd.qusutsqfdo.mbpepvxhxly/databases/init.db-journal
    Filesize

    512B

    MD5

    7050a6949bf2c18ab6c7e62289585497

    SHA1

    19d6b3a2c2ef4ff241fbe02f90fc78b530953844

    SHA256

    1c71362177b00ee7087b53c9e9897836b15f53cb3f54b69c4a8ceef816488c1c

    SHA512

    9ae598ed2d42bb247969b27c92fd1c6b5f394d5754df0ab761769219a832af5a0215c363ebe200545d0cf531ea06f5cc8f8f65c89c50392d0c8f4ccefba74ac7

    Download Submit

  • /data/data/owd.qusutsqfdo.mbpepvxhxly/databases/init.db-journal
    Filesize

    8KB

    MD5

    29824e97b730948ce84a1b06a04b223f

    SHA1

    1a9b3d9dd9a31b09693254906eda65ca9fd78a1c

    SHA256

    be633a2e43080699df178331218d98f2b684be00910f7645d64fc66418fabc10

    SHA512

    88b396c5e59a5791987beeaef0a5d65973dffe51df7659ec3ade6b93a2aa533c2f1c3bd67910dd6246b9345d7cf0b4e9f0f0a507766c624dde9b6dfd3fccc7b8

    Download Submit

  • /data/data/owd.qusutsqfdo.mbpepvxhxly/databases/init.db-journal
    Filesize

    8KB

    MD5

    e551b89a286363fde9ad3366692991b1

    SHA1

    f3bdf72c66cdd8f4f7f08c727e1affd7a7ca6a90

    SHA256

    ce3e0593fededd762547635a010e84cea42164b5cdbcf4c62d9ecc3d1f9da62f

    SHA512

    60098af2e8dcfa5f6161f19b46da7e3f018f5666966c21d2c620ef58df6a212481c973f26bad08c1554d740ba5d24a8eea0611c64b710a9669fea5dfc74725a0

    Download Submit