032e60ff6efa035a8490710ec133d1924425f9d8a0219a75a91011e6207d48f5

Resubmissions

09/10/2024, 18:21

241009-wzbeja1dmq 8

09/10/2024, 18:16

241009-wwsjmsvgmb 8

Analysis

max time kernel
177s
max time network
608s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
09/10/2024, 18:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

psbmobile.apk
Size

111.4MB
MD5

8828f8690be3b802dcd998c0ce83eb4c
SHA1

2f4ae01348690b35838fd8ea73475724867b9ed9
SHA256

032e60ff6efa035a8490710ec133d1924425f9d8a0219a75a91011e6207d48f5
SHA512

c58fcaddac4fe5fa2ee142d41b54cb993f7cc78ef51ebded9d4d6250ecaff878af57a517f58859edad4570aa0606bbb01f712c127af41a0b4bbf107b6c7bdea4
SSDEEP

3145728:KYlp1LllGNTxw73EcMdeWh1cJ51BHgexoAFra3p:K4lg0UxbPW51BHLoAWp

Score

8^/10

banker collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 9 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	logo.com.mbanking
/data/local/su	logo.com.mbanking
/data/local/bin/su	logo.com.mbanking
/data/local/xbin/su	logo.com.mbanking
/system/bin/su	logo.com.mbanking
/system/xbin/su	logo.com.mbanking
/sbin/su	logo.com.mbanking
/system/bin/failsafe/su	logo.com.mbanking
/system/sd/xbin/su	logo.com.mbanking

Checks Android system properties for emulator presence. 1 TTPs 4 IoCs

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.product.name	logo.com.mbanking
Accessed system property	key: ro.bootloader	logo.com.mbanking
Accessed system property	key: ro.bootmode	logo.com.mbanking
Accessed system property	key: ro.product.device	logo.com.mbanking

Checks known Qemu files. 1 TTPs 2 IoCs

Checks for known Qemu files that exist on Android virtual device images.

evasion

System Checks

T1633.001

ioc	Process
/sys/qemu_trace	logo.com.mbanking
/system/lib/libc_malloc_debug_qemu.so	logo.com.mbanking

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	logo.com.mbanking
/dev/qemu_pipe	logo.com.mbanking

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	logo.com.mbanking

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	logo.com.mbanking

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests cell location 2 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery evasion

Location Tracking

T1430

Geofencing

T1627.001

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	logo.com.mbanking

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	logo.com.mbanking

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	logo.com.mbanking

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	logo.com.mbanking

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	logo.com.mbanking

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	logo.com.mbanking

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	logo.com.mbanking

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	logo.com.mbanking

logo.com.mbanking
1⤵
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Requests cell location
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4526

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/logo.com.mbanking/cprocsp/etc/config64.ini

Filesize
39KB

MD5
8a3ad9b1e72409274e00bc4f25c2e562

SHA1
dd69ec6bbe17955ae264d246ebba442683b5f1e7

SHA256
11395f5b997083e8bc99ae9a24b8a3b99aad1036ecdaec04d7bd03c208afef8f

SHA512
9548dd938fe57680b05c6fa42b0e8bdff40357f3bc312f4bddc613498cb8a77b35e388dba3b04451da6811ef19f095f13198b97c9b794d59d56c6f913f006553

Download Submit
/data/data/logo.com.mbanking/cprocsp/etc/license.ini

Filesize
270B

MD5
807e745951cc92a2dde180600847a03f

SHA1
966b5293f8003fb4db2668e569ef11f5181bbd53

SHA256
9cfe2a906520350f459f48be96b08d2f6e81c772665b79a6162ebc64daa75bd1

SHA512
cd9ab218e007d0f8615ee55801e6dcc4918f8bbf1fbc6fccba588d2f4af57c86924c0c524fcde5a78b040200d90fd4f590b73a78b149c0f769737882055a7372

Download Submit
/data/data/logo.com.mbanking/databases/caches

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/logo.com.mbanking/databases/caches-journal

Filesize
512B

MD5
29f274f0370f1392316a861937981e18

SHA1
82ab4bab817353dd7390c7ede4502ee9bd365dd2

SHA256
fb8ff33229bd0883f07d44ba0be11c3ca4b26a4cff8df74a1efed11dfcdc04e7

SHA512
bc75335dd13c24eb168d2b18a42636615db3d460f2b785bd08d833e3e26cf76b55753264e4ef41c01dd97d3f8b659214db5c68a0804c3464ac3490de8a298b49

Download Submit
/data/data/logo.com.mbanking/databases/caches-wal

Filesize
16KB

MD5
81ae704f3a950e57b9234028bd3fbc46

SHA1
9310df513a93a38487a6978160b34cfe963d58fa

SHA256
c47bcce74aa3b6153e51e37c409d98768da92275d6567d489d7280e4d781ea7a

SHA512
d45b0efabe82c84be09d1dee7d2b757a0297eb20d79bda16d3b9a3d9b75f1ecccb937e7b8df7a3dd5197e87fefc9116c817a1c5c70d25f3dc83b5f4ea636d4db

Download Submit
/data/data/logo.com.mbanking/databases/caches-wal

Filesize
60KB

MD5
03eb0518191abdff135214f2284773c8

SHA1
fbf8d2dc4f8789f690aaae9cc3562323d62e88ab

SHA256
29e80460aacd9ab5dc430c5b9266986a2584fa70830d3ad5282f74e7e798d28d

SHA512
b5e63290cdcc7e37510d7b81821768774d20f3202a157e7fb5569f6ecae8ab96505b0ab0f47bef549fef45ea567af60a2bb3e9cd3e58a059332c50d0746b29be

Download Submit
/data/data/logo.com.mbanking/databases/caches-wal

Filesize
68KB

MD5
2bae3cabf19a2d5b8320b5a66142f154

SHA1
9a22ebcb0450d3189c904439058e868e26f0288e

SHA256
cf8cc91100670e463240d2a9ba46a2212ddd6e98386ede8d8955adccc370fa7c

SHA512
c57aec70b96613fa01a5d04aed238694d066fb164c1fa3dfea040531f0a6631dd27110da7d6471718a0c7d11928cd2d2efca7f6b6afbac351af88dadba126df9

Download Submit
/data/data/logo.com.mbanking/databases/com.google.android.datatransport.events

Filesize
32KB

MD5
7daa8bf70cba1177c0aaa35143f5ff54

SHA1
4ddb8e3e373296808fd5a3832a454ea9c0c60b0a

SHA256
f02ded6053bd0f124da16cdf40849fb201797ddfac5536ab36e1feceb21564a3

SHA512
7178eae8e99b2f8b571bd333a3c6916bd088c96dc2c6d5b074ac388e58a345de6a82daceb39994019cbdc5c2d4065912eb0c52787ec50d9e1f746ba92bcee22f

Download Submit
/data/data/logo.com.mbanking/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
97ef99031a2ec6cc0f2c628a42b7fe56

SHA1
6e585bbafbbe4a510ffdc17efada4ca59e478dfa

SHA256
dd28660ea356a2c193e66ecdc8148ab7c7d375025bde7b9fa387cf3b37efabe7

SHA512
1860deaa3dfe0254fd160381e9cd83993a4982c6fe071302f4a98d8a1cdfd25ef30fb31e753152493f356c64e8e1fb1d0eefadf9d2c2bd9f81d148f8d5fc37cf

Download Submit
/data/data/logo.com.mbanking/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
9fe14ec8c2e507235d407c00ba85e22a

SHA1
a2a164b8564dc73b8e18109de2f1edc1d1b0f0ca

SHA256
086fa201ce12a6d251d2898796fb1e60961d7cbc2ddc14678b257179ee318aa6

SHA512
e352159deab1eb1f3a8e8bf0594808b797c37f2073adb5c99c518a2464ac8414ef7b908e7df4d24b8ed9bdf6abd10c8a9ba8c8bff94da90104adb302082099f8

Download Submit
/data/data/logo.com.mbanking/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
8ab1a7745db7cc9c6a05ee7640acceb8

SHA1
89088171ed4c1c84e91ef302918630f45fff0a78

SHA256
7e5ec409158679764b0de3d43d963e50529f35441cafc3a00a101d326ea78f62

SHA512
6aca93d7cca3d19080ce400463c938b75752adb14b14f6ea89cc1b19445b966a9974eca2524a1343fd3a96a0a3ed294ee2a13991bf940422b47792588748b92c

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk

Filesize
20KB

MD5
1c708393a0fe0a01531162ef6b29df82

SHA1
47a61f14eab3831bbc32382ca1542aa4d65113be

SHA256
de3f2abb8ce69eef682dc88bc8dba439834bbb7a7bbd2a9268c88e72a67d1112

SHA512
3f553fdef8f466ec9319b52b81c8e0ab54a6c52f6d59858c0b581a11f27325370e1ba9dd74809c26647bb339d1c945bb93d2ffa5827b9fe649f3770a4b9e1482

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk-journal

Filesize
8KB

MD5
ddb63f70251a3815a203a854c853d747

SHA1
8ed35ccbbf8ea56f2fc67e25c2502fae7f8ccbb1

SHA256
d9a52f29f66e4564aea1125a4d6e95995e19481a4a2f2adcbcff1268d4fbbde3

SHA512
9973658ce32b00f04f214907c97fa8531402d67c477d167fe7afe5f1171115fd154c0dab544831593e657825963120d0c40ffa206f7f89128850a7087c7638f0

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk-journal

Filesize
8KB

MD5
0660474e481bcfd820091e45e89b35e3

SHA1
f9e39c9375600ec7895d4500c21190dc25104fac

SHA256
c9b0b36a40a25dc871e2657178ac22275bbe9e58dc9f5810b40a4f7b26e4313c

SHA512
e87b422ad539c516ea0d5cd1bd8f236576818517ef3f75f00fd92d8b2ed3baf8ffe47d0f1462671f6783c2f21b8c7cafcf3b46ba27e17f0185a99334e8ef8e5a

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk-journal

Filesize
12KB

MD5
a9140c37dc1458dd244c298ec4a5a6f6

SHA1
9fc8f17aa6975d570a08d56da89c9d4b3b397955

SHA256
88fdde73e484ab837e597cd9721254ba210faeb8a8b6f0bd78066b897426c59c

SHA512
ceee347a31a91aa1fcd0045eff92ab76785c90256baf15a7e713e7f34bd80176eebe56cb173019a7ad9437d7a13fe6bf317d552405bd1e0a84069977a8ef08c3

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk-journal

Filesize
12KB

MD5
c8da115f1393cf03b00cb4147dfd07de

SHA1
c0e9c5cc900689ec81a3038be58d45bac03ac421

SHA256
5e930367c9630e6e9456697b43b5221472a247ff2c3cb59ebf333b173a979992

SHA512
eff375b9f32dd1ecc0b409acf9277ac4af4aafa3f586036d53cbd05f8e1bf13f065000a8b7a68b668b11ec4224e892905b003974e113b4fca248aac7b92e55dd

Download Submit
/data/data/logo.com.mbanking/databases/ru_mobile_sdk-journal

Filesize
512B

MD5
58bbb9eb654b91dfda31813eeda417d3

SHA1
b0de22501bb561952bca42cfab9784813f914c69

SHA256
9d7a87f40f14e9a856d32af3d3d7a2316371ec9dede5b4b9a457e9abdb0b0b73

SHA512
802606818b16eb40f2488e5d824ce0b782a08a145f067f006d6c718eef2e08234a3f48352dcd9b328307d8959beca64ef16745ef12903ffad7cbf92cd086998c

Download Submit
/data/data/logo.com.mbanking/files/PersistedInstallation1333893157700979062tmp

Filesize
90B

MD5
d261d789cd64d3f6f49bf131e49ba6b1

SHA1
94a9e96932db37678973be67b3f4489b914961d6

SHA256
1b0377f66dbdb38b07fc379ae4a885603f696a38db5565457655187590d6473b

SHA512
ef8079a0902acd07a950fccf9d3c5c10060f47e1ffff78e60379bf4ed4b77f55a55350e164d326e44f2c44fb52b5cade3331eb873e4dfc72aa4ca9586d3dedbc

Download Submit
/data/data/logo.com.mbanking/files/PersistedInstallation6980010833454186269tmp

Filesize
559B

MD5
719131c1b9387bfba50fb7d2cd12375f

SHA1
6fb706f88576b27d0797ef7073e91984071847f1

SHA256
bdae4c97d4f08d971147325813918580762dd82a66ce3a11d95357e6eadf705b

SHA512
00d3b0dbd66c2a588344f7630ce77558a0f184cab27c7354add0c4cc0ec529a83f3aa6442c454151cea893b9642cd4b2d7f66d433e6ae62906458fc44bf5d783

Download Submit
/data/data/logo.com.mbanking/files/integrity.prop

Filesize
69B

MD5
f547b02cbde6a88b1df53df0a6a592dd

SHA1
fb48fb5e87bd5bc5366f1a5e59594da997ce7867

SHA256
d6a9db0bbfa2b2571e0ce08c08f5b591b6cf3e225e1825c37595a344f50496f5

SHA512
d7c109b31dba9bf5d04bc0d23ff25f3d3812d3d6d08029aaf0a23e1a99dac27584479ac4cef99eb470411634d82c4c78fed973f2c00d57d3ea92807670c8fb11

Download Submit
/data/data/logo.com.mbanking/files/sys_certs.pem

Filesize
207KB

MD5
c22d54a0d69e33f17e0c5e81e79b55da

SHA1
453a6e34cae4be5b7fbcf19b8ca7ba5da217b221

SHA256
dfe5e22488ecb060f0ef5b2087891ed833a3559a00677bcff3f99b82166ad350

SHA512
34b252de39889de42fdeb67367ad4d3130595dcfcc04f8ac4e1578dd8e19d16b3f936d0b55aa50a3e8587ae791adf42e0b433fa0ae0419e692fe14f6e43f3b3d

Download Submit
/data/data/logo.com.mbanking/files/sys_certs_hash.txt

Filesize
9B

MD5
e320512c4fa1f59dcc0abfd806bab1c7

SHA1
f3d3e718442ce99e25d8c606774c0fb2d805edb7

SHA256
a237bcf0a20874cb2f09c76ea5387f86030aec6db289613f4201e05db6bd77d3

SHA512
93ded3a2f9efa7c556c775f0d80e46e71db1d5b93a61bca350e7e8df58092100d7b9622b83953bc2f7665255aa79968c65c39d94b3b7d1e01a55a6636036cd3e

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb

Filesize
96KB

MD5
ada8297d8b727fd74a1f5fb94e883758

SHA1
dff822505e2100a96b0b41e7143bcec40cecc44c

SHA256
e59ebf5eedbd4b5152d377d43d0483b38f649589f515d2efa469c481968079ae

SHA512
ff5a1f7f4b86b270efc120fb816794d36bb91f7041916f44cba96e68ea85842ccb36654b367c8ff5697db3e70c5eef541431d08519339edffe521e75f6d2f6e9

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
083d5e270ba5049af360a6b358c71c4b

SHA1
567ff2933c4fe218dcd5ee4c2f37d99c35b74ec3

SHA256
4d93988dfa33349c7c803c211d80a640e2d15ee4a4e4a2b188ddeba17ebc7a2f

SHA512
d10bc30dd8bfc0482d1e3f013a22ba59a597fce610275624ec453bf5809a4b2ad848fc72a67da78140616fd0d6ae8091d33eaf219617b6b6ffe97ba220b8d783

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
809f4fe502286bc2b0f82a4c1bb1d0ec

SHA1
8e954e17eb9872e0d9028b162c53e76f8c46d37d

SHA256
8c763c7d8713f2ebbc97e76f15dc3dc5e557bd41c3a6c35d82629042cc806d2d

SHA512
c5358ddc51953e6f1f655d9e6cafbe13b4be1977ff46feb768bf7a8a063d3e7f4fa5a873aa32c90b16070fa8ac0d2e04c17f9197cdb10fa3757150a8dba60472

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
f97dd5f323daf169b294ee990818f2d4

SHA1
deb64ec2bef68c1747824d1fa6cd058480189ba2

SHA256
3824efa2bc4835fbf937120706a7295a7884aafdf2f21141c6691ec3207fa46c

SHA512
c29d3e223f3b6c0ebdc12bd2f651f25719facc048229ee4926d4ab0231f20115ba2bff4028fc0dde5a5ea9e16afc1430dae20fed6dadb9258a65d1f70f6e9291

Download Submit
/data/data/logo.com.mbanking/no_backup/androidx.work.workdb-wal

Filesize
406KB

MD5
e222b20acf28939a2ef95f5863f4fd85

SHA1
39bd6d14e6086e78bbcb130b31ca44891fb1753a

SHA256
b1634667c4ca635694bff9b69bf203a65a6f07e54fcafa35e829571776ec06ed

SHA512
5f064b96d3f37644c43765991d513ddd9abaaf491eacd0129af4776401fbaf81a720db976cb7849e3ec5702c5656c78859120b72090a2cd7545456cce4784b25

Download Submit
/data/user_de/0/logo.com.mbanking/files/math/m

Filesize
64B

MD5
b38bbe0fa163f654c6dbeb7304f31f0f

SHA1
0a833f8a3cef8e2a7d99e3e4042c7f8a18f01ef9

SHA256
4c23f950e1e8c6c1ee24ef5862f7e3436f33d791fb9fca6a01299bdda41048d9

SHA512
0c580ab94b81fd20e34688b97a34578a2880d29d46765452aa59dae717fe5821841a81f604bc22a4c21d2d8057babda92a32728bed71cce9e85db7ad55962aba

Download Submit
/data/user_de/0/logo.com.mbanking/files/math/t

Filesize
64B

MD5
301c431a36f9294efc11d8f55ca7a2b5

SHA1
35e7daeeb1b6024f78542cc3eaaf032799e852ff

SHA256
8d13e847328391e6a18c0321c9b4129b4f16876fc9b8d23943eb54ba3dea1086

SHA512
1cf390a26831ebdef7c5121aea651d9eae082f6967c65019a04eeb81f3062c8577f108e236dea8ee77f2ba642b12ec493f7c790f5172e87f56174782f79dfa01

Download Submit
/data/user_de/0/logo.com.mbanking/files/panda/d

Filesize
64B

MD5
37a383641456b072664fa9aea4805660

SHA1
012dcaa5ccda87d8ad9b700f9360e2172b8e7d30

SHA256
6341084cd7b31d8c9446bdfa488daf2d316a6bc94b3e646fa8fd28f5f6dc91c0

SHA512
b7ce8b7fd10696935c8615cee7ca5ea71cb4357fdccb89876587e2e2d854da8bed1ef088e90b083c6b25f427fb7f34030b67c70db00deddb91fd922aa3e3815f

Download Submit
/data/user_de/0/logo.com.mbanking/files/panda/p

Filesize
64B

MD5
cc947f14b2278bcb4a576b0665cf281d

SHA1
1b52a9d6af1de29b2e880ed30c194b01dd9622ab

SHA256
b7d7689457d959231a2f6fff93a64f6f4850c8571d5accf4a81e12d37e0c63cc

SHA512
bb770df81c124eb01802f47fa81de2cec7aad102a685a61fe87f10ead910b11fc073e017b39b659850ecb2ff593f2056a5fd075ba47f8669f7b957aa62b02797

Download Submit
/data/user_de/0/logo.com.mbanking/files/s

Filesize
192B

MD5
020199d2909e396622307253e83cb5c7

SHA1
d4ef4dd01d8067945059acef82b1677b84d9dce1

SHA256
4876aaa0a68ef02ad3c30909d1810113e6437d52d9a37fc702b07fa98cdfdbc1

SHA512
91fcb804f3c92132f842c9150e6113231eb6fd6c13e344d9655e4ecaed8e226515802daf68805361a6814459033cc139f167db8d393c318d58ee5c18f733d653

Download Submit
/data/user_de/0/logo.com.mbanking/shared_prefs/aaid.xml

Filesize
140B

MD5
751709a79dbbec97b714f578cb4c3e72

SHA1
f55b65bda1e03ebd26d51fcd2de6eebd8f6bf662

SHA256
aaddd7b7fd7f5cb1ae70e5f09928d02e6343928d21aad4d33bfeb5a9c657231a

SHA512
deaab6229abfeb63f22039f9b14f8c30dd8c56736266f3db9bad109d866b825f555503e71574d399a8bf69e0dd1302c9f1ae43c0a02e311e874b57cb608e4b9f

Download Submit
/data/user_de/0/logo.com.mbanking/shared_prefs/aaid.xml

Filesize
195B

MD5
0524d6fb3e15f00eb50563fae031674b

SHA1
6c039d511667b403669a00940b861aa69f3a239b

SHA256
29ba9c32c95cfa89af90360aabd76f5981d705a160ca652f4700619477156b0d

SHA512
ec7bfa35f282954e7993f9b773eba52d105ad6a3c707bd8764bc422d14c72ed2c769251d7a8b7ea61e49589ea873df1bd22b64ddeeffeef8af4d61681e2a2630

Download Submit
/data/user_de/0/logo.com.mbanking/shared_prefs/push_client_self_info.xml

Filesize
126B

MD5
fc6bf10a43687f0628782fa01037f6f9

SHA1
58dfd05138472178b55b66dc86008428f260b9be

SHA256
96231eae343e85be3d03f8a2f566eec0f06ad208f063bf8e33b770e721a16e7e

SHA512
bcce7a53b2ed63f13beed7772e9c9eea1d4ff2173f746bb1e34ce158b6ed3bad98f48632cd11521c8ed5f178ac41c823cafbede7f582708ee28b352f3b0a4bcf

Download Submit
anon_inode:[eventfd]

Filesize
8B

MD5
33cdeccccebe80329f1fdbee7f5874cb

SHA1
3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe

SHA256
7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8

SHA512
991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads