92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
20-10-2024 02:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4964

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
385dabef4ef3b3031285ac19bd169540

SHA1
7dca717ffe486f7a20b69ff08ece625ab3457b22

SHA256
590c9d81a705cd61cd242e8531317fe71859fcd06d9be623bca69450b889d3b9

SHA512
6793cb07c539d084411f0e9d4d92c95af7a7386aef6c9df0f5e89f824dce519688367ad24da8d1e39f9835b9123471f8c622918dd1eeac3c6ea77645a773059d

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
6cbb5cf0e4d28fd85303d9a5e0dcf6ca

SHA1
af6887f540e7c9897d7c359f733fe66aebf36b07

SHA256
ca488d3c49f81e95826316aef3ec3c7c55b27d7bfcbdaed0250356579298ee29

SHA512
7dd518615c126a42df6cf2e0e37be9b917df87d9ff72d7bba753a49f482fb4b97dde65bed91bd9b34b5f618c2f46a983e24096508c84441da93f3385e1438dac

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
05bdc89360adf8643ff0a0f30e4d7759

SHA1
9146d8e0013bdd8fdd1b6acdd70b91582f366736

SHA256
5ff0ba4d43dfefe199252762cfae278bcd47b49a4f1719c2994dc613140bb6a3

SHA512
87b910d7f9834e1a253fbccb49ec85b48e75be20cb194ebf56a09ae27d0399256529c275ff6f601c3ece0fb9bf1c789ddae98b20c4052680753d1487589ef03d

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8438bfd46e3bd9a416aff431d3547a70

SHA1
6eff74ce1a2cfde8ba8b53dd7ad3a02dd2789717

SHA256
b516cd6e68927775ed34b298417b2b5d1da4bee2ee4d1906c03f6631e8665592

SHA512
cae01087fbb96c23800c6d16ca9023d816c9351f54d80343df9a2e0ebf1c688b29ecb99a2d62203defd5af63179839387042fda688231651fac671e693ca0c89

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
953496e025854cddd43e2de03db9d9c7

SHA1
a1003ac0e9dc7e08851487d0006fa65287a30eff

SHA256
a9cde8b71096d03f0958ca4d701397811e4cdcc5228015a15d5293a00c162f51

SHA512
2a2d64ed65f010941a1e62caa0352443c6641ef53494f1d4761a304eab6e24ad54cfb2f4645c6669bf365eabae2de6a38a7056c3af7d83c532adeee324bf2b66

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
40549964892526db4c8b9561457a3fb9

SHA1
5593043d231dc672371985beb1db37ca28f67265

SHA256
cf6450e3a079313f0fd7859e7bac64367d94b272a6be2f2707145886b54d38e1

SHA512
420927e7075d9b42be3f2923251ae647214c001de4f880a73dacf808f3887f376ef18968222f7504a2647aa649c9601df5501376e1050400a21e6fc4fda394cc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ec8ed0b024dd56d0fb574dfb4a06766b

SHA1
9f659924aa3f8810f76ca5073dacfc20ca5ac6b9

SHA256
ba76fb93a798a8478f64eec8895733515c6573e04d04cd1f09a73a3f10ec56fe

SHA512
4c26ac48836f593cc65ecec1d1e85b84ab1df084dc95e477641b789c7cf520d032e1e7f80c4c10579fe71156a25aa7280a548eefa83be25c33578924ca192688

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d47108a1eab0a513e2b4359828457a18

SHA1
347042cb8174670c54a9db2f82a98857596a8a8e

SHA256
f3463b4273c42442554cca02bdb6b808f4dba0050d1213ee7b008ed6e1ffca24

SHA512
34688902c0ee767274657fdb4888c2ad9ff6aa82c3f6d0b35c269e3b8e8a05692bc701b2be6e509fe374efe2bae8d3169fcb9d2edb335b3bdc8b638eae625124

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f871ff700510a56a54fdd56bc41b7541

SHA1
481548c8bc3254a00f497140278597b915460c48

SHA256
ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

SHA512
12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c6293950c249fb9649a31b2fb1802478

SHA1
dae8b4cf3201dfc427e009a06697ca49dd0e11b8

SHA256
45be56fd3de719532b34cc165025ce1c72046e69b79def5e53b010ce02fe3818

SHA512
4e8cd247c3ec19a388a0e120da8bd31673bc4c2ee344e028054dab7482729533d961a2eb09801b0d436aefd052c1ddfc26f6d5de5f0dbeef6fb1be1df037c2a7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0423b0f10bda8a1794cf0b33be780650

SHA1
bd5f3a5e188c01c63b370f8b4903ef26f289bd45

SHA256
317bf723357e04465e764688798f2d1c8d69e855c231a10f9415f1a44b82a4e1

SHA512
7f90732c549db78d68409bddd540d5af115545396d8cd82d3e392b1039f3f327b30380f458a8837911ce1bbfe6273c8e85841b287fe980c960506479111faf1b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
70d5b3a33055e59b15cda497d838eac4

SHA1
67be8e1550e715479aaa24a00f43f3b09f173f16

SHA256
cb8f7e597a9fe7180290618bc3b0e08f5735e271de23016657abe4d289c19788

SHA512
e4a8e974d81b87c92c10ffb60e7e689e8f04eca111341d4fb90c50deb89cf2cdb50288b2a84fd441858a051379ab5d7a1ec7fc99a9661669077d75f97ad31923

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3a1baf1bc2060f16a7528b3d708d3b23

SHA1
f22fcd71cfe8deab76b8e7ebef307a2ce06e90b6

SHA256
449532f60b7ed2e92f64847373171f1c2e6530cea7f0d8837ec8c09d00c76ae1

SHA512
09162d4aa1dcb76527d2e6753ffb7f38b5e93cbaa9b0a1c1deb57f5f961effd4366896f2ce373373f75ddd64c2261d5ae24f42401b0daa394fef78017defd69a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
eacaa0d6d9766cb106be889a17c16808

SHA1
7faf510d968bb485b46379f1d3d7e51d1dfe7883

SHA256
c012a7fa6bc1625fba3b8f3a0d4828069539def585140f42c21a65c9e657e68f

SHA512
0caec015ddf4ca16d19f4379163320c1669a079c82edfa4e0d18fda86fe473bca6621b9aacf275096338afa071b4e94a20dbfcba7da9c86c7c93af992b439f0d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ebb05270e0eea2de4adf588d6ed0ee5a

SHA1
dac0f878a9c8bd31698606d9cbd84367ca598c63

SHA256
483a77aa5dacd8cb6638b6f57608a33de3e929d4a78b28fdaa9e87ecc88bfd2b

SHA512
865f55398a1c5a88c4b7e51dbbd2514f75d4438812e9c5a398bd99ca986e7ddce17ae49cd8ff92b920c4dfad59a94a8712a460d4af7f59cfa5083a3aed87c026

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4986749282291392193tmp

Filesize
556B

MD5
f7a5896ebb65c5e92f040f98cf75ce9c

SHA1
84320a50e35347cae22bc8971d04d466b49bcb45

SHA256
cb16568a72c42ab6fd17ed0e09ac82afe31fed9f284d0be52c318d0bc8df0d94

SHA512
0f2eab6ce2ae374ab16fa4618e7bcea39552b2bb007fcfb7808358e0467787844cb2db87cb95eff35d426cc2a78c7f1154c58e184665f179037ac0012e95c299

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8241865170978626494tmp

Filesize
90B

MD5
aee37be37fe3442ee9da505dcbf9136f

SHA1
14e3bcce7fce4fe354d85c29fc091ba69a103a72

SHA256
4845fcca0acf1c03ae8c5f1be85a89ca8e5d0a1c918e8176400f34c7edecd5fb

SHA512
ff387b596970a8113a11359d2b8847e9352edec3012a415a66fbd0a9d1270563d9be077c3ca84c64fba9a5a03bc1fc176742e44fe6101360e4e7bf6a320e5e85

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
fcba89890a14aebabfc060394c103557

SHA1
1c38ff0cd4a80fa87f9943df0dae7785faa19694

SHA256
75fcaa81c10c83c764918ff8a8ff76b15f5ee1d173ef279c849f8ea925a5dc32

SHA512
71f387f28a2617a2ad1c186372ed63811fa35a07f21cfedc6fe7b7baa9ba5393f133751748314a9e5dd9e915ca3d830f749869162b02cd2cdb8d508a9b09983b

Download Submit