2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc

Analysis

max time kernel
17s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-10-2024 02:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk
Size

3.6MB
MD5

39fa2c58237de702fc3458251f358cab
SHA1

16e4e5003046f5d07a0fb1eff0dad56d9ce53be3
SHA256

2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc
SHA512

023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126
SSDEEP

98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4313

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
984f5ae7ec05f6ce2040de65c53406d3

SHA1
a0166b3ed71e9381c9c3d20319ff2cba9516fe75

SHA256
843cd69f9862d67f776da7fa9642019c4b4ca861e4793328a27dd559c55cf3da

SHA512
94a052264366385c45e920a20d513fa1989c4d81954ca368ee7340831ab9cb782a1a7bf7f8b2fe749da9916f18c081757ca5e3660cbfc082b13b82af46434ed7

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
72bca69e5c04c9f2d5538d85d43531f6

SHA1
a830296e863d10665f6b2756d03161dfdf462bb8

SHA256
e4b6a27608967befe96e9257f1fae6731b9699bc233397210cf85d9593bb09a3

SHA512
634222d935228d01478f7630087b3b11ca776d739ddd9d230cdd057ebae47cba4a07485ac52d4f9d683959cfae7e384db6c774587c56e402ab8be8cbc09c7392

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2e9457cd0154656111f71bb11b9d6acf

SHA1
8bebf981fe93ff9aa1ada1c286eb7353ecc20589

SHA256
64534c9c33994bdb529bc5ea2efa1d26ca203038c602497ec8e735dee5e05342

SHA512
5fb1383ecd06474945797e6a2c02e88d96d23cc0ec1bb2f7b156ac25099112c5a6241763847d5ac4680fc329e87e4ebac5236a04acb8c1b9622129bcf1c66355

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4e0d356f2691c30efec8f3124030f81c

SHA1
b97e648b6a03380ef6d86043a3853e8ffcc667dc

SHA256
096bd8e90e7609b3315ccff02334cac6d8ef390d947916361023d828d3c2b820

SHA512
8bc93b19d19182b67025d2dc24608f79f24242fe2694a66c174da8b30fe68b93795bc7f59158d69c4a362700b1caf296050fc75937751b07ac3f495007ec4a58

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d037837d0d00d8072e99892c8423a208

SHA1
a20816f0f67defd4d72f4ffb74444509a03af552

SHA256
2ffb74562e56557ce41a9491d173437597d13020c15b43bcded3edeb999d5650

SHA512
952616c53859d3a7c162d3c2958082da01c3828e295a076919b4ea94854c623a5112fe3f1cb937665e841cb6cb7e3f2d182c04247588f2749085d7afbb9373e3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a7fcea4c2f58786d7b781b38ba9e9c3a

SHA1
6abf205ee71b4334dba8f70a00544798135790bc

SHA256
fe729b8f091d698bd337ff6df1420b167bc1017a83fec04da419ecec997cca40

SHA512
738c917b608ca7d3452f27b5993cde14305038cc87bfafee07e0bf6672c9806c657358c3df117efe5bcfd4dde3e716f500df54b0377b9dd6177fbe5ba53419ab

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
438c5ae81451b4066db53c44c7cef333

SHA1
1c99ac8794468d23aaf012bec5aef72a0d115661

SHA256
bada5cc5fb35e3bf4ed7ca0e283edcc53ecf11b60b0ca1ab6cab0ef91c2714f7

SHA512
c615782f4fbcb41adc5af8fa37495c19b303dc1bff876417b5fa5aafc7ada78196d813b0356b7248ee506a65bb45b6dace03c226e5e9c8e959d71cd75e0a6bc1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
38ec18c80d7aecd9fe2e492c7bbe3736

SHA1
79fc1d8e44d28b778c5f66742f0913da433319c9

SHA256
c3923983ea89477faec19c03f2f8ac56965c776b85dacf7c6b4bc53a0e709950

SHA512
3da8021d4c1e67963f3cdf1418acef7babcf46de5c8f4fa655c2135e8e1bb68fddc1f4aaa7961a03f5087887100a1f44ac4eef8a245c816e02f511d97d2b0d95

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f20bf11b6007dec5f51f3209f6cb7450

SHA1
f030a0f6eb35032bd04cc78808a057db69f767cd

SHA256
7ee58c7c1ed1b0ad2699e503d9f73419e5223898b76a8759c7f5f9371c812171

SHA512
aca4ec370568126faf724d107cf75f0cff8e54214000d88adea10975a5c7b876854da04ad4880abb8cea06bca82e132d369ae7da00fb0f5d0c138f1ca3cda002

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1b87a1d7822478ce2bbf93ef5b8b8ef2

SHA1
6061e3d917de80ae0a32fc036ae603196fb25b53

SHA256
3d6f6f75b8483ac3dd332538f0b384e1fe08e794adf6c3397fdcf2e559290390

SHA512
40ace8199e042ebe229d9fccf6d07cf2a9fd030b35b5df04ea5f965e3a5d5eb7d8e10148a7859b37f6f11c87333ebcd8fdc8e721b582b32ff81407ab8a36b428

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1887763aadb5f284d9fab95e9ee4af5e

SHA1
b0cf7e3af217fa553f571ce8cfcf0803fa83bf7e

SHA256
f156f5ed13e98728cfca6ce9cfa71ef540f949e0f9906b19cb71b976203f441a

SHA512
3ee60c050131de4207a2683c68f454eaeb592796dbe68b5aa45a3d2ac114e69ec479b4f44ed079bf416a178ab89dadc1cfe897a04ba88868b273d8ea16fee352

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c173af003ac1045fa2f372cb592c2ffd

SHA1
5be16f4d0a93403449cd179a9793c97fbb437400

SHA256
6561acc7dc246ae10ded10c528dcb7870dcaaf8983f2dbe2df4025519ddda6b5

SHA512
e9649eb7c0c8b510b7e5cd8fb24ee95d5693d5e1aa11e127a6fe8a2754cd0d4ccbe71e9ecc0754d62583698abe073f748973e3fbf03415ae4c416d6f2543dc22

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
174a56b05550bcccca7877e338c2ebcd

SHA1
c4318d8abd0d937172bf639ddf54f6e4f5fb6591

SHA256
02a1f5266b7b86a7648bfc0c38abf6800fa19d60535f1fd2b1bd539d2525a56f

SHA512
2e37fa26cf700f62edc2846b0ba7ad95e56b869f69c255f6801109eb5bf8584964c8bd4a321cddba3db138a699cc27682aaa93bf64fb6266faa76bc3c389f5c2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6411479366300825263tmp

Filesize
90B

MD5
e5a99d55806662f16c019c95ebe2bb93

SHA1
7176fb602aa8819d26d64b18b9fac9d95dde95fc

SHA256
2a6958ef6770bd8bb460a90ed9244a8fde39e474365c767a12d55393df7e9661

SHA512
b124216da77bf6c7e846d85a8ec39806e09a9ebae24aa54bdeb0a62db7641acf6a8fc9b26e7a60ed118da8b3d9f4d86b2c74f7b03a66458753dcc9693edfbc49

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8503557521997450701tmp

Filesize
555B

MD5
b256fc1a036cedf4959fd27387bf7f13

SHA1
ab0ccf339ee4721f434b01041af23122fff2abd1

SHA256
e015fabc8e82acfb1254a03fb2c6c50378c64f557f58d466279fae98bda3216a

SHA512
f93f0c903db92c97a50cb0168cb44f650796ea32ce6426d05fc59dbf24dc9d01fd3279e7ff43cebe663026246ff6ba9d1932ba66605da88bad6a88635d3945eb

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
4KB

MD5
3b12a923beed78855e8b81d45bd2e5e2

SHA1
90c692015fdd0c6e65376daae3a0ed3ef8d7cf09

SHA256
283b7aa3f4145845fbd98fc0d6e55db9272685bd4becd6c12c5c555b58f87533

SHA512
08b2c1b0647099d063d24568c279dba06067d147234e54155be587648f567cc3cb401f65666295e792f613c83ee1834cd5b8190c74bae8affceede2c1b3ced7f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads