92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
16s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
20-10-2024 02:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
3fc2a3ce2f16c458d9057c20e11940c1

SHA1
bcc6e5c5507980b2505ece53f9b8bd1d29b2e7d8

SHA256
b765a23389d6e660253b8a0611f1733bacb5e49b165cc319e09909442418ed3b

SHA512
94092e9893b44cf6d54eab6a9048bd9dac2a8509ac33c7ca0b1fc0d78b984d9ae33be5d91e001b47b8b32dd20e6bd663299b8666d1017999a712a37dbf5c9b9b

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
92ed307e866fce493211b593d653a4a8

SHA1
e8a8d45bfdab2221b04d40e25f31ce4daf13b719

SHA256
a3d6833be2e0e1d5ba9dc15dcad2bfb4f441fa462c6d7b59cfaed75bc96578fa

SHA512
72b5eece2e1d7ce5427bc0bd78493e4f9a5fd81e01bbd07e8b07b7dd85dd4caba49516d1dad5b256747c53d41d0733bf3e7e3a8fda2143a60d7543e582a8dfab

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e73c27d3920f98c8d65b4143fdafc9de

SHA1
be4afca6eed1b0baa3a002b6206b870a964a7b05

SHA256
7e356d37995ec519915b85d12571b2dec4d4168094cd9eb57e585e0188937a10

SHA512
72119e84d007d41574c06a8fc80f788904cf6224208fdc179d70bd5331cb87b820ecbc280cf95f28026dc9b07866344b4e8ba54a376883481cb7aef732e74e0e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
55067a332de53c93db71903ab943c85b

SHA1
b97cbfc3dd903a0700223d7bf91ced54c0d9fbdc

SHA256
1d0821c4ea820c7d3629e917d5278c810107d71d8bb4bc77c359d1cb07e3ca86

SHA512
ed115f0569967bc4b3851ee53f74bcb0251e0d7eda8657bcb80f14363821940ddabe60c68b415a169070cd43393559e44bf85e9287ebdf523fec5b726533358e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ab0a166a736101f4fa0087eca99a6d93

SHA1
455ae62f159f2346959d842ec4ee1c2d3785c3ac

SHA256
0f77ff671d5970d4b1d358eaf0f1e09c364d753aabefd26006ad6cae2cd1b7a1

SHA512
229af64949c8574e93c3b6d4a50a9a6bc6fff229a4c981b580695110c66a467ab0fc3d044bd49ccfd8752cf890fc08108e81ea0a6b8eeb6bf00f01779a368360

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de3345ec3f69ad9e1c3f7df4f0107e6b

SHA1
6c005df0188897ee8950138847b322a986d5aeda

SHA256
9c1b46d5de1f09ff03f66819e89d6e93acc8726d176a81352491c257ff23b140

SHA512
37ab5852fe86852f074427a9f943ca98557a0c3ca1674bc914fb321cc57fdf0d24e90f92e618a1d097b68995d68a08a34b7c0103bd33ffcc3a9354ea62236668

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1b35ebb0a615df7ed821685bcd50e161

SHA1
97d6ae39e8d34eaba7e68fd6cc7b585da648db5a

SHA256
27ca80a74d91c9c112a53c795a43b96eb853b2659440fc38f0822105c5d0bde0

SHA512
1f160802508783441f41d52e3f9a421827f0d4a6938ad040d79598a3eb19d9f78fd8d29d02f9588e37e33c1ecc8689e49e1440bf8d3befff40eb9dc0ae003287

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
337df7ab7fad389b16369b46c13f109f

SHA1
72dfef183dd60e6789b7777b4f704a8e6e2ced3d

SHA256
a1bfe2cace366ff4ee2c72f9b4baec4729f9de074fac5e5ecdfeb09dc5a2be8c

SHA512
b9d4757c7e898959447dabaa25c7f45ff6c032b5f805e3a7b7602a36a5d7e92cb16950ff30a73cf2afb2fd4023cf3ca46811c3d5038829faa68d3fef1345cb15

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
af5e45338b7e0fe3d928c1b24d193500

SHA1
68dfaffa802c50118e410b9d45cf6e596cc0feec

SHA256
3d32e7af4cd928c57de2fae322d65c6b2682652950e7cdff6286eac64301618c

SHA512
3ca51ab623b42c13d20fc0b179b01ae86273b831a8467a766681b5076c766b6568ce5fc12b5749490024f5707ff6b8cf6a62c3642f48cdc981393d24e1c51f33

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
25b1fa2a24e14e10dba3c18f07690cbc

SHA1
88a8e7b97f4c2f46b21a7e17a85269d1060bd04b

SHA256
a4919ebd87a44dcbe3d0404441936ed5a6b9cb283b1d28ea4c3f05855c70fd90

SHA512
1e2e7ef5a4dfb6aa2064b15fbdc0dff33c44806b21824815a74c37411124a7a5ca0383ac28959b96dfb2a90228e50938984daaa5db504308f6790519fa12c39e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cd2c122058186ec9594e5285aea847b3

SHA1
e04f46dfaa154f3ba8406fcf7e773bfd3a80e16f

SHA256
75b3be0824994588b2a2b40c25f1efd2e65afbe9ad426f2a88b450e6711d4b6d

SHA512
9cd191abc301d719554c83fe04f93b5d946cf107173a0be29f6caf9bb598e04f059ff9b8dd1121da8a5d2f6d9bf281c879f9146aa25636197e96fd9b5f36491b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bf1a445f0577ec90cfc4404a49ca1ac6

SHA1
4eb908add7de7abd7bb7c64508be71f35c83eb59

SHA256
38d655e3650b7a8f22b8101ae24e7465ad7b003f68ad8a452fcf504d3dc30974

SHA512
ca3ce23260f2abc63e427c20e0084d0ab64fd779527097989e9e90ef5ccc01c7ca67a567e881ef38c270cf1ac2ce791401918aeca080cf1871d17422d2cb5f03

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
302203a481161137874a6a8f6110fd43

SHA1
6ae51ae5dac8893d287d12bc68f3d8cb01ebddb9

SHA256
8702ae1b511fba339f57674284c1e95292925eb5685417ab846e28091f748790

SHA512
5f411dda7d5669e1233120e082ff3d98f58e58bf1bde31c666df6c354b5750681f29129214573bc445b9788038b7ffdf272032d7b6dffebccc0c1434a96c638e

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8883028942519909710tmp

Filesize
90B

MD5
1499a4841ffd7ab659d3fe90f2ddc342

SHA1
6d9b94099707c5d055a99eab6da4884b7fb97189

SHA256
13d57ed6eb34a32ecce698ebdfd9270d507dd759d78c76f55bb7ba666279f17c

SHA512
2bc6385c21662d90c5a7ba756aec8ca335cec689f651b8256f83d7086641cf569625b5e9d268aa3157e42a3e604dacccac560da46e3fff264e35f56e0e0c6fe2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8985528289918074369tmp

Filesize
554B

MD5
0d6f5ee0baa79e316a6cea421c279917

SHA1
5aa8003c188735cb3dbda2ec19c38c51ebb595f8

SHA256
e05e60bcb6a3918f083a94cf5a1def07e109172d8d0fedaac1a29710e7e86908

SHA512
7087ffc3db77a709ece80f723e56f8f359adb40717da31b537c766f496b8c7811eec3039bf3438934175407b9d6dae5d7fd8eeef6a49d6c71e07545b1cdc867a

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
aa3bd1468948433ddf665ae501f8bc8d

SHA1
1c1e463da58930415e5198eba6270f8e16b1a831

SHA256
c09cb733d640b8fce04f12ab768e61e24e32c97e289013781806511fd42c2a9c

SHA512
3b97ec61bffbf9366f10b451644b8ade9c3465061b19df8d07caecdbae7e0578fabbd6ca3385325a43ed922c77cb18d05c0dd98e38e79c25bbf3ed2f1846195c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads