Overview

overview

10

Static

static

10

578a103e30...c1.apk

android-9-x86

8

578a103e30...c1.apk

android-10-x64

8

578a103e30...c1.apk

android-11-x64

8

Analysis

  • max time kernel
    23s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    24-10-2024 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    578a103e3064e135a772471a11bf76c6966cea8ea45746907e8c5b33172bb5c1.apk

  • Size

    907KB

  • MD5

    41000b5ebb492adcd4afafd049b078cc

  • SHA1

    e1e938a4337dce01924c6b4107b4290eb071b11a

  • SHA256

    578a103e3064e135a772471a11bf76c6966cea8ea45746907e8c5b33172bb5c1

  • SHA512

    8a8a9c8a8ad3055bd1b66fb96d5a18588cd989d72991564afac58f350fdae8a6c80623de85fdb06e5e6de94834e7a72a83485228f0da753b56c8bad94123b4a3

  • SSDEEP

    12288:l75K6Rq21wzSvNs+vz8eguM9Bj/wE+cgXJcVfmESeeeeeeeeedIDpsPl7656p7BO:mGNwzSvN/b8bZ9BbjgZ4+E+ol7nYyvkD

Score
8/10
collectioncredential_accessdiscoveryevasionimpactpersistencestealthtrojan

Malware Config

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5141

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Foreground Persistence

1
T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Virtualization/Sandbox Evasion

2
T1633

System Checks

2
T1633.001

Credential Access

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

System Information Discovery

2
T1426

System Network Configuration Discovery

1
T1422

System Network Connections Discovery

1
T1421

Lateral Movement

Collection

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Screen Capture

1
T1513

Command and Control

Exfiltration

Impact

Data Manipulation

1
T1641

Transmitted Data Manipulation

1
T1641.001

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-24.txt
    Filesize

    48B

    MD5

    534058b03134422eeb6493c1efc51e85

    SHA1

    bf1bf0b14521d4d4002dbf59c8f435a5238390b8

    SHA256

    888e57c1d06dc89ad6a1959cb0daaf41988b79880bb4a7eaa4d77dd68fde51bf

    SHA512

    b9d6db5ceafccd11d37480b18c2c6755590e1061b17cfc2a35391424ee1fa97f09846847c14328fdd48874eb8083d5ab1677ec55be745b6d63a432c237228ff7

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-24.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-24.txt
    Filesize

    283B

    MD5

    8e9b9a424fd79e057dbe3b5d49459077

    SHA1

    f6863434b843f5d6256eb1977cf5929eea2711a6

    SHA256

    9d23579e02b112892a99088ed2b23368fdae322c8cdf8f489788734ed149cb98

    SHA512

    8d3dd6d0e0c718037cb034d16c31b7cc9f69922087e007345e800c8732349bdffb72bd2f186f15e1e9c0dba0baf1eeab662394b3bd21f8d5abbfbdad64f99acc

    Download Submit