92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
16s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
18-10-2024 02:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.systemservice

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4259

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d5a36a0fd190c90a8412d01fc78a9683

SHA1
e6d5d2e50d7923dad12fffa45b373eff22d512ae

SHA256
b9332ad0ce2d274fdee793440031fe3b4e57cc4b9b53e12f9fed0ba063affffc

SHA512
111d1c9906161c0bc9a9ed962671b50da59e87c4fc9bbdbe24ccfd27c6b437c8051c05a503b1def28a268ba03f9cb3118029fe42c63476321bcced35d1b0ab87

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
a6dd0028c40c8319e99dcc7f408251f8

SHA1
0873c041781e221f18335265364e99f8f15b10df

SHA256
5fb5c9df50fc2fe803c0a95bb1a275356c86e50b87dd1e5cd66f6bf8071ebe8e

SHA512
5dbb2e3a9d1843cc8f79a5083e91868f093ca8e63a2989ace25297eee15831f5fcf8e868a243d26b364e1b69944315d82d40fc2a92f8bff878b64fee02b5a20e

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7f676796759a3230cd5e8d903105dd1e

SHA1
4c5adca68c8d1d6876e63d045d7aa064ce2b3cc2

SHA256
48edc535b2171c23a0020431f9058314405473e9d56c78763e4026032e8c8a78

SHA512
b20c868ca02d0b25a828dd2d39828980a2d88d19e3828c63c2bcad99901d246ddb0c36d213741411db5b23bb3b9c1ad511fd970991851bfa93d59c9b7eaf0b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0b5c1481e2ef865964217ead6a1b0fd1

SHA1
908a63baa635fb712331c98ff3fff07388f152f3

SHA256
ef3cf2bac037de6ae875391ab0739eeb9e68b4a5df2cd558c0b378ffe01f0e20

SHA512
68a030cf6719a5560b8abd243ca1805812e3ecbd8628d20a025bec017662b058c3268b5d5c08f0e4a20a10009df1c0438c789a89d6cf257a1c16551daea810b8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5ac4667c6fcbcb12f261d59121ce4146

SHA1
ea80c4998c564ee7f2aa9b1b72cf9d9e793c0531

SHA256
3fc1c5a8a9ce63abc3af5d1ea30ff042d016c0e9fe9d67e60aa85039cd226abf

SHA512
98deb05008b790785ff3326e401629a55434052d80f3623e78d1b0cefbcd86c73e149360f3a304a022d4c90dfd9f8fe4cc75472a9c4024789bf785dd1cb1704d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
55ab6b952e95f9112b515f9e9e6d75ad

SHA1
d5ee80423dded976ffe556fc67823f80b7bea46a

SHA256
4cbbee7fb650e1b656193881aff72573f5ce02a9a0391f06e3e84eedf74505e2

SHA512
7230ad70972ec837021484d5a432bf1d71b73e01bdf1defa058ec771978722aefdfb2343ab7db6bf0fdcfd0a18a4d87dba5077aacc9c76b3f058cf962078657a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c18ed8520eb662aeb176a9694dbe9bd4

SHA1
0a93e3993204444e1c0ae297793f83a7514c4461

SHA256
ae5e72c0e4969f3456125c2103a1c9f1498875cf5e43479dbb34b6077924d811

SHA512
087e9bb08db7f63be6b3a769fd53de4c20258b6be0b363ed3d2ce74ede7eb1780cec149f354a78560c801d2a83dd6d4f071270b476b62e9c5e51540e57db98f5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
ec283f899a13f9c73a652688501aff03

SHA1
df7fff88165247e0cc3b9e42ea3ec2acb7179519

SHA256
1dbbedc7e6bc2ac9753f2dfe65f9f5ddb53e79e4c572f174ba84699e11290524

SHA512
cc6796aa1ed2d744b7b9487207c5327f4f8cbdad841b93c4604ddb0b6cd285b0404c738d1cf0d4b3ebd0ae5e54f97045fd682fb8817ebbf1d1d61cf0939d6ccb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9326f74255e3c65c0cd73bef6fb69c20

SHA1
8ebf70a2532489a6b6794864743fc39c9dfa538c

SHA256
ffbbc8e87d32b4d8815b0eda2c2ba7082ac1a9aeba1508a311c159adfe000016

SHA512
6727a688fbe85ebfc0495d6e9e55dba92042c5d9bbc05206989f186324f50bfb1ef88b829a36cfc5c8e7c63b4e8f8704881135a6ace90bddc39a0ea41c285757

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fa01ec8c9a8c40e55b3d68447352ac63

SHA1
a85e2b262dd185b7042e717793b816fcc5937cfa

SHA256
9128ed8d32edd9bd47f5d98030b849ecb7bc47eaa1ff0f255e7a3a20e67809c8

SHA512
8b99c6d8de3ccfeb2c80c4713f5a8551bb918a2cc3d37e22b573ed906792404c5aec181c0fafa9c7ad6d2fbec1ade87a6ea5836a3446e0a4b8b60c0620abdcdd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3c04e14311c765cd496b02d088ad045f

SHA1
737b644cfbb1df1cc2068f0b7428524a0bf570e9

SHA256
0d4f9f8b738cafb27f6bdd464edb3c6bd93c8f612a60b3520f380c077d1fab09

SHA512
ac6e87a46dbbca330674b85cc8bc5dffc6841675f747f51bc48c5b5c6bdde62341ebcfba82454c65b99828a3d785c9b91316ec0df758382fa617ed9b7710632f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
490d680e3f70c4550d791201a2f4ed21

SHA1
469ba470d0f29dd49886b23014f60a3bb34adf89

SHA256
9c5683744f99a61b47292d94ca4b92263520d82ab5ef35825e04f24919e634c4

SHA512
868d3b5e5817ce2d31e183ffc56dc8408a40a17c24d7a63761392c2de9fcd3f8ca5bffd406562df5c3a1bd5b750ea65497ac8fdaeabab7f244fadf480b4364af

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
afa533484f13a6b1ea8c75dc5801ce05

SHA1
0abe4f753a818076b7592af324d31b4f97d8c562

SHA256
34f45dbfa5f4b2327b0d2eceb9f155b96686abe2c14a2821b8711a16d5a585b8

SHA512
405ce7a271acdcb168ce0458c954630d75cef838f8ebce3872472fe0ee431dc4733307fd53bb464d9c0890eb7ce340ff13542a50c3f3c5b1dc8ec76ccc072b2c

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4497793819114639538tmp

Filesize
557B

MD5
bdbae2feac46acacdf32194a7d5c6889

SHA1
cde8acc1bb0f6fae54978c17874df49475ea34ff

SHA256
eea25e6b243fd2edf46eb41473dd89c63a4bc55e31ae448b062af012e089057a

SHA512
cd72348f1024dddc67c806cd7d2378bd914906a370886ad76cef6f7e8a3d275c0087f6279fc114afa03c0576127817de84cd3260148358175150bc3987269c0f

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8892909571802607466tmp

Filesize
90B

MD5
74dd52f0f6c160b19aaf0d30743862b5

SHA1
ff0d5694eb2039aa30a7cc9fe588f4ae3e3691c2

SHA256
55200efaf6d4b665c2a28622ac1b10efb7b515cee2bf4a799cdb5632ba1c1a85

SHA512
370b1ff138b4c0b2e7a4170be3c41708438486e9a34e38964de85ed254f3aaee8aee4a5aa903c0001db10836e0ef98fabc0dafdc2e1ab976ea55dfd99c825198

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
a7ddd767f2fa630032590a42901e51b6

SHA1
91ff7efae450d96cf3b331396115e88e6b07fcc5

SHA256
b2c0a168ede3ebbf3fb5ccb31a3ea2ac2d5fd9e53135e4eae7ffb5fe04812003

SHA512
e277c63bcd4a4e7d675f399862a39b2928cc601f538197d37a9c335e60dd34868b7e5618044a8fd8dfe881b1533b7abbe959b7e67fcb5541dc5ca66558b8d610

Download Submit