2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-10-2024 02:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk
Size

3.6MB
MD5

39fa2c58237de702fc3458251f358cab
SHA1

16e4e5003046f5d07a0fb1eff0dad56d9ce53be3
SHA256

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc
SHA512

023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126
SSDEEP

98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4319

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
aa1e8a2554ce4d127ace43fde93968cc

SHA1
86e2ca5bae804e18ed6b08605feff012e0287c9c

SHA256
6a8d409b615961477ce1b24a08d7a36a634cdcf77a908392f29c09bd4ae366bc

SHA512
b48a9a8d00e4a01bb09fc55237129bf00f7d9a7e27abe42ad1f1ed0346e2b8f5b72c11548706ee96d3b5ceca88e63b5629d75bb8cf9152b9b9bc7cdf9f1d507a

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
1426459eed8c4cc3557475823d470ee3

SHA1
734768e32124e1a3ebf796d6a3ba1fb6591a210c

SHA256
2cb1c763e188285b957ef802bfcb598c8060aa09ae48d23551e97c71db40ba6f

SHA512
2148f89f050495820dd7489cd61375c5502050e38c7e074a5a090f94cabbc4d6504a061a28b95837cba026dbf9e2242c82326b590b53d69230e07e7f0a79dc1c

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67d80c7f0bfff99b344b5ee949351546

SHA1
0e486ee62de8b8206267acc6ab73b9895cc88847

SHA256
f3f2da9a868d7d6dd078c1892333fdd2ea1324ff72a2c714af4ce9f82b7ae1d8

SHA512
03d07ec62cd174893c8528bc516b6470860c209a1bd8956ae1a51ea011a93745779daac8d4368aa397901c3c563a353e3eb5ebc97ff5a32b82000045eabd511d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5f359cd43df8b479074c24c415aaa972

SHA1
f9850bffd9b1b6e2f30e81f18dc8d719514a67b9

SHA256
91143ac3aa644aee0f88da170a353c6e839c57e6eb80112484829a83d31be39e

SHA512
5df92a7765a0026121019320abd0b4b2b58c31810f8feb23826873cb745316ff1ed5ef59521c29fcf1e717e7ec3acabd96f8d8e60f0bf8eea28395ea062f720e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b90dc70127d49cab84e76d34141fa9d8

SHA1
208bda2c5beb1336510fe8d321014d59cb0dee2e

SHA256
f37592a185316d655c1f1286840f763398a90d9432942d88acc7e8f744249e04

SHA512
0b75a6e308c304592af8dab913794af89ffbc5a7d265a217cdc5e648b354defdfe0e4485e625afefbe97b1ae95036eccff8b632c501583a564a1c81ea8a0876d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
66056d297969c0ee886f9a2213fae23e

SHA1
67b0947e1004dc02f7be88d1574cb71b18aadba6

SHA256
7da833e2ad04d125a29b3a0c0a769e27e7ca062439a649371c781c393734db85

SHA512
2c9e3c59f3328dbe7fabdddb6dfa20c998ded7fbb10082bb1dcf4283b88927d236c6662b002dcb0e607505276e16e0040af2b36a4abad3e73a7631b1f3cfa030

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bd5a59c85483832e618aed08a8b0ed72

SHA1
eb344c431b2f66c80002f93d04a2d2ffebf1eabd

SHA256
9dfae00d98e5fa014ace3f7bcab842284b5b4ee850975d680344b05209007483

SHA512
bb34e1c5b41ea38a622ea6fe0ab127fef99e978630958b21e112939cb29efc62541c9948c30eced767e3adb33b84d6f39ce83403c7a5a18a09876993466bad22

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
1410abd703129511e55c9cb4ed84ce2c

SHA1
835f95fb7e7c2b09b4f929e99ec0be575702ad72

SHA256
c2d1afdcab0f07162635b91987dedd090ee1ea228b1c2229eb283b63058de444

SHA512
4141ef5eaee548cca9ef7ec7aa9fcd8de9d30641ba42bd82c50c19627458d9be6d6899d098f325d819f0b959e3fedeb871b6ff6c4c5c8b03c15a8c8e522c06ff

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
acef49e9e6362d996a3fac67581c6623

SHA1
d219df4adbbb9def00c4594ac02b19e6fd02062e

SHA256
1ac300d2d4deb1fcd71d9948c6c59af83cb6d973c157c29d1e92d6da30031200

SHA512
4664eed0cd6f33c0d7cfdb859091d08bf8cf46544c3a8ef0c5b8078221b14f38c32a2abbe370887317cd599316cc9e003237f92576329e4883fc51bd5d0b8f7a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
87fd00f5a7c9dac34f852927eb30b9ed

SHA1
b49011d1af9d43822ff0ced0297709939f676a78

SHA256
4305ef0cbcc9c8b623cb0d1f8bbf3d4a531ac5d1257a91d29c83bbbb9be379a5

SHA512
b6737daf5453e9d6fe69670951420d053f45e8a5a1a5d33e6db8a929d61c670439a5f0ec6b67a7d107721945d1cf3846367ef8d2009ef212815eda5d088839de

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
413778b8ab6154af2191116ec9c60f91

SHA1
f76fcc137f597730b8eec7e56256fb1e0ce1019f

SHA256
2d83c1ef1788bad3d47b7e7de88ee1af202697371b381badaeb5d3e5276915c8

SHA512
796ba72cc6b7ffbb7a0998787672102627d81cd832ecfdcec8085e22e65aae0d4d61c32ec1f7c41d05466591d03ceba1a5a7fa8e1b4c3ae1f9bf562d3e77a15d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
601d91931e46811af351e17a1180addb

SHA1
0db2ee86b284d01f55ef36fc4530863d77da50f7

SHA256
ff44449205384251e36e58a8449e4c013a6a3bf37e905880677b4fc9d2a6e749

SHA512
d222e433ab1576191f4018cfd85dddb51451fe705fd8069db81df26af329d23d72a292ca749456781c46f6a6ba7f7fa9e74c77bf2a0db0db5395bd484cdd8130

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d731474ac2ea0198bfc1c177e7d6a307

SHA1
0969d34c5b36d52edf172512c4d0c3010a915449

SHA256
d672b8f1405500e2cd3827cd00fe70e610c5554a98a4437ccdd2f3b0a25000e8

SHA512
524b3168a2e0d9ef3a3b18f239f9f79f1497d9d14b003a071c98b63ed61ccbe4239f64355a74183a399c545e0a37bfa1845d9b3b88aa5cd6104f0c74446e235e

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6063355192254899818tmp

Filesize
90B

MD5
5294aabcef0d40bb96136caea2b247f7

SHA1
11840ee09ae86bfc4ef091879ee6fefff5ec9e2c

SHA256
c104113334ec235411ab2032a96efd9b1f1da407c064fd55f83be42a49d51ba4

SHA512
32316b0d8cbe6ebb8c1f4a8d491429b2a49151b046952d085839ec0584806fe4207b9c57c0baeeb4515c480dd4c80d455681b4f826ffd995be1bec790d5d48b6

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7665044064659804574tmp

Filesize
556B

MD5
4b2d4609fa2c3c9f471358ba58189740

SHA1
589fa698320f4f957bbd3c12a0fbad749490b142

SHA256
4cb9dc71466304e3a2504f2e2bb38955feb4bca094d900e6223c5f675c5d0ee0

SHA512
2a6ddc26cff0259e0bd48ebae36ca52bce82533deeb87f47c452549814ec61f1f53f6d76d083fcd638d64c700556b94180a03fe9410ef3a5f8bf6dff4512653b

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
918B

MD5
75e67d8e8126207f0c7840f72ada55d9

SHA1
52ba63644f9466faeade2eabcec79a2caa9f2f70

SHA256
b2852f6598464cf861d2424d8e42f7b7f62f244d1de07336ce3398a9fb55d80f

SHA512
99643b4b9e227c6d0c910693bcda8e88cbbd58d1b508397d416df11f3edc2a6cd82dd6cbcd463a8b347854fb2d9a333aa0e8bca84362f9f3315b256d7dd59345

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads