92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21-10-2024 02:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.systemservice

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4256

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
7ec53d3af73b8c12abc0a8fef57b0021

SHA1
6ffe59fec82c62eff442acecfdf14d91161e5050

SHA256
d33bd04a56668c8b6876ba9586fc4b49cde2c97648f0855d2997e854814dd498

SHA512
7378e28b5c47e82489e0f3229bfa580e2185dfaeb0be6ad3c1e933a301003b5f38e0709b7f1635eb9dfde3ab4f85ed07f1e4389a51dea9028729659dce4e8266

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
9fed53a553b415decc4d0974cd7eb9e5

SHA1
79e8ffd8c44982587b4c756b64cf921e83043912

SHA256
ea2790eb030da040327ad7367b51fa5edd9fba54cf6e756f203305b6cb497f7b

SHA512
e402d625d99b425e7f06bdc1cade2d7d6b47e7023502c4b28c72475946630c3bc92c869be9c0137420d0127717d43636cb816cdda1e52a9444a092a58b835036

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6075133996a47e1ec33fc402feb7706b

SHA1
6cc912f4ffc8b611017c63e977d844b6c8c5cd65

SHA256
c462bf1e46f00f084f67ff6afab807f1db2f4769cd50cbedd6cf50ca3c7b3c75

SHA512
d5c9f7b3317142fc7eb93e33a9b2892035674c6ecbdf8801724a94bf0bc30fb633e064185eacbce94c1c9560b56ab4a5393dbb8ba4d8103294326cca158b5934

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cad28754e753d46883e52279e18787fd

SHA1
61f7186232544e546297a577a271fbef7e3503dd

SHA256
78fed1f0a35384b76303773404a352fa9bf302d35aa0c7b5a3e145dbed0b9294

SHA512
25be23f9924396ab91c86574d05ec0ce971d8f69ad0303a15abf23f3d8f32664dcf4e5762c90ef7eb1b4afa89ac51c2971f05e781de3af4559aea6f90a4d5c25

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fe071766930da04bee680c8eb8fb9125

SHA1
5fb7e57c66823c9b32e1b4adff64712fde27f670

SHA256
78a2f8657c0036860dea47241ebf66326573732647956d9180096e035ec2d647

SHA512
59bc8c4610ffbe5ddaa6fc56fa330f64bc5c98e0b8997f91d85e38cb7b88b93bd3dbd4d045fab0a7c392284bf18aa5e54447b3ab0b46ac6d10bd293569a1a5f0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c1c11c8c2ba74ba285577380eae2cb5e

SHA1
b21802d4bb3bf3e58bf71a87bb143aa18605fcc0

SHA256
c16b100634cf70bc51057b5ea51136db5642ad2985c96efc8044b3bf551e5cac

SHA512
669023105b6ef78c977d67f38142c903280145a87c77abbc7ffd682652953377d6977d5c7fa5da189e0468422016303112c93ab6482677fcce96c94b65f78ba2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ae5ef1e6d3ff4e324e54b21f33271f9f

SHA1
f905b42e5678ef156e950efee77a02a14c2c9de5

SHA256
4954cd59861b92e56533b1fcb401cd37e30afe92aedb4b63b966ce899d4f6fdc

SHA512
dff74a789a231bfe6aac9dbab3a987548fb433ea228f54b17a11430ef2519551084ee6b7b15616fdefcb306ff594768efaf7390836b827c333a56a5c2795288e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3591a19d7f107e27446042308b043340

SHA1
806db9b0453dabfbd2a13389033da9d88b590fa8

SHA256
c4ec6731a3b886f20b50d51264e7e58e6dc3ce9e4e02b376a986e636d9539505

SHA512
fdc556e0d140561a48130811a1e1e2273cce957d903e7c7618784bc829e4942b3fc88e573b5386d29117ef08ddbe713514f7accb2a2d4cf9310ddba41bea3ab8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
44a62e5d2342b120df2552032234cad9

SHA1
af1d44a7b64dc0f046a1bf8ee5e6fa88c1f43970

SHA256
67c584b9fef23ce5961a2e09df1b0b9d6d4ce2536c57b5328f314ecba2cd0aca

SHA512
389fdb6f809814ad5be33d9061b6c4b5a3fb412e8ee65924350fb77b87952bbfebc61cdd1d0cac65479e7ff0a1668f93753a0a869600e378f2db41195070b024

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e20558725127d917a90662546e9bca04

SHA1
e1ca1594de330a1ced97d7369ff7190655663028

SHA256
89904cc1a060fe8fa2c2616c133b4edde19d269a473f4464c43a6ff91d12e9c4

SHA512
669f372b16fed8b57cbbac57e37d63219ef6d99e1d0eaec63ea8f44462262f8acb38960f0bc8a18fd35417a900105fd09335157d67e0112b17ff9602096153f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
07da856e490c21dbf5bcb60aa65df183

SHA1
b406815629cb792989060cf357a58dcd840bef63

SHA256
1182f0a313e5e05fd3eac5cceb9317d8695b83bc0b43e1537f66704b6e7be9e7

SHA512
9441690221388bfb282ec6f15bd828ac3a2e316186ce636bbce393bee230baeaa9cc9253ca52f17a6b69586485f1a2798ccd7f2c9e4d3ffe3e20b0b2dc7bba33

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
62c01cda90c3d6f85410e2104cae7e9c

SHA1
d4eae20bf41bbbd496d0b49b6da910e1a8978a5e

SHA256
fe0869d445c3357cd623cb346f7cdc614a5dc7fb2112b7c9606460ab087ef36d

SHA512
1d240305a482b0de6c62d9deff0d638b3087b179b55030fd8b0a7f70c85cec3bff2963e5d405b6b5a666944d591531baef0d4d37f57e00079a39c0301ca67128

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a4692367d2ce40f6b567a4a3afc2b0dd

SHA1
64bb284e9bbfc0b1787c54c41947baa30a2169ad

SHA256
fa3df300fac2fc7a343e2759a3ed98360f03d4e90c43ec24d448c2628720bb6f

SHA512
c84befe097f683285959d0c1027e13a786e4021d86a771b089c5aee9f2cb42603b538a7ed3ef85d9f5f3a6832c741b9481a047ccf2829dbfe5e6a4244cc2d02b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7635326115085946567tmp

Filesize
90B

MD5
83d60a79387f0441b1d8c728f7f92759

SHA1
3c29b0daad92ce26654fad0f70194c0a7d2b6952

SHA256
b98144960d480029c43f2cb88a9594fb82ab0adb9041d00c7dc4ef04e8ec2f93

SHA512
fc92b521aebc200048baac1f8ccb27d67541a3d1c952ccf58838544f696af966e4f5b71492700b84e9da1d05a55c03cfb6dfe8f0e3a242b0ff12043c8780b665

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8408696755270300267tmp

Filesize
553B

MD5
fdec96e1dd6dd8302b7c0263ad200b14

SHA1
2a37c2971eafa6c9b364905390f5fa56963e9e69

SHA256
73fead4315c46145a9694118c76c2e046fe25a684b15ce8f5e9894c57e74533f

SHA512
66907cd37ade63a6eeab778bf359ce5b90412e6bef7b7975c6dd692084e84e32c14ec9c3bc229fda9d22adaca4257d4f097a4170c0c6213fe7eda62babf050ff

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
65ab5eb304ad73e0e6bec89dd1bda4e6

SHA1
9651069ebb4b584f6032a6bab9d02df7779af146

SHA256
5e21e1c12a06e04e4c3bab895d77ba4f39d76d70192cd1bf1c0f8c156e2c8069

SHA512
c73abc2f05c6f08851c2827b88c96c53022d6ba0fbfee90615007bd4931e97e4bee5dc3975c1c603350d145551bd28390a02c8af681630a91fcd279307f41092

Download Submit