92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Resubmissions

24-10-2024 03:22

241024-dw319sthrk 10

24-10-2024 02:40

241024-c537ys1blh 10

24-10-2024 02:34

241024-c2p6xs1aka 10

Analysis

max time kernel
16s
max time network
145s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
24-10-2024 02:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4976

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
f80424e731e7978af1015261d1cfeb09

SHA1
a426a0f77dd5eeca0650b575be3e734cb4279d13

SHA256
d0b088e9d04cade35ac3f3c1d70364584781b62086dba280a0bf062f9588ad7c

SHA512
9db618580a5a6da48408c202ab7ad597bfc13cf53787e98b21804fea1d9d49d00b90e9548607981e1ac850b174a102e2bf0355a8adb4db6b5d55a16f95746a5a

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e040bad2e4e729b7ca674b89b34b5d60

SHA1
fd54543b92979a51bfc229db3f25f4ac7d749673

SHA256
59ba9d3f7b741a6d51e15aad34bcdd8a11456ba497ee4701f2fea1121d71b1ff

SHA512
25f656a78d158b25fd45e3055cde7349eaf075c2fcd6fbcde4650f3edfd316aa09e06ac5e158f1c3bffad002913c59b44670d871238715ca04a854e70c75a66b

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
5c828357dbcd0df5fc2888c90d28ab82

SHA1
447f6545c12332b8e212ecc7cd6e6a8ad0817892

SHA256
6839778f10c6be8313d851643f36300ba491d7f1048ee5f5e8f622c0489ccdde

SHA512
8a8d08ddd4e5c68c3c3405bfe6f3c78c6a741aacd7b02391c926db9fc89d9b97ec1af65448dd27ce1d20d1e6d2e4976eb9e1a074398c2ee3d67dea363220fbff

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e7a81dd0c2297a8d2d0b52becc2503f3

SHA1
986eecc4a5b52ce791245e2b88f6d54bfe734c63

SHA256
2b0a8e3bd1d4d9a5edf99591d24a9029dcd90f2f1d577a12e1a554158e81ef7f

SHA512
a736a64e203135a3d38773fd88d2921fd86d5fadbdca1dbd40f4b27e6eedb73f6af58d305736576d5209a780629599daf492ae343ebae5332ed5f8d465e7746a

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a0589de1d464a49ce92b678d5d3b93b6

SHA1
3e22b4d5cbf9314da8a7564beef9abcd3aa27527

SHA256
174e527ab045fea166139173a05cf804a465ab60469e197f509be398569e93fb

SHA512
fffb7248445ca37c1ea8489ffce0190c2857dd4926ea9a04f4197b2e33590f36243991c7942a81e2f4369197fa24e1732fab74b95fec3f3120c1d5a713472bfb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6bb9f97fcf3ffeb6ba090c058e15a809

SHA1
8f778918d9f86b1b0660d07e3a21f37cd5a7d659

SHA256
aecf74337a3fe37482e5348830ef0067483a3e6744ab7a42e5de186487f3ae20

SHA512
7c0addd73040ee5a3841d68f556778195c17cae8643b89d0a139d7312028146a73b4cf0cf7cb655209ce5701f834bf4ab1e82171297df3227ebced6fd998d10f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
832cc5eb52622ed5e480a26fd9d44a43

SHA1
7b179793b531778c6709698369d71e31ad66b48a

SHA256
8d741382bbbae6470b2ae30a1c7f2b924a5f15ff3ff0c3c7407cba58995a12cd

SHA512
a8c45010e5a3b8fde3a2add16ce599aae6b837fd53847cebfe476f48552682e3e92b361d087c1ba2a33e3eb3924a6002b97b7553fee888091778634a937f9e85

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9cfb4bdc091c456f852701461bb83764

SHA1
c08b8834825eadeeff3d0af51761d6b54b96dde7

SHA256
430e5bb6c622d41d482c2356ff084fde9e7f29b7728e721c096f0f429d23e5ea

SHA512
a0a8df16b67c8cfc3d8081405710ea02e160c5ad20974bdab79e0a128ec2f5e0e27e27e7bcc3784ffc73562ae8469b9464eb8319d77fa4e1f751c7e06df40e41

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f871ff700510a56a54fdd56bc41b7541

SHA1
481548c8bc3254a00f497140278597b915460c48

SHA256
ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

SHA512
12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ec7b79b6802d890cade8aa9942c44473

SHA1
cc28dc0fcab83fcc0846043837cea56d2a3e0e20

SHA256
96d14209279a18f3f0d3a708619658952837f3adc983475cacf8bce127c8e853

SHA512
b0654636f9b3339c7c5a6e2eb47ebd9b9d391713af453edc7bd56ccd04556ed7e20097f59e9abb8119712dcda0965c526a06be248aee5cfe01068adad75d99f5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b840658d29ea8fba8cc0c72ca75e78c6

SHA1
b976f593d7b354d9db2a4ade16d18377fda38d7b

SHA256
1a29fb35b10fdce489f006a8a7a87dff9273376e81079294c112056c5c177193

SHA512
31cf90d7f45deb7118bcb9941826f89750263a92e62a73edb1871f4dd69c4ce85015682ad34875c6bb1ef2b0fa69cdbbd326ebf95329278d019dd9e36aeaece5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
188b693ff62035a5ecbf45c7a700f34e

SHA1
dc1365541e7a44c4e2fda2a9f35116bf99fc5d76

SHA256
ccbc51d45601fb3bdb7ebb0b4e764eb82ce3d0acf27a03ed1ced1a342819279c

SHA512
451ac6384ec002101e6c52462e4fae37c2f89b953b28ab1ba53cf541dbaea59854daed191e2aff53cd77e829e689abf661152e13a23ac0a69e337448b3081bea

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2d3ec068c7d43f79515eae9c623566c4

SHA1
52f06caaaf863f29fdf4c2997c505dd913aff9f7

SHA256
f9048459b91fb37cc389a97fcc1a342e7f4161b50928156ef69ecd43c65adf73

SHA512
c674513bf07a6d9f20ddd201cc8080fd46a72fc76f73ed5c9a7e37769ae9c4c1a10fa6f5987d1631b0c0124e8b261127f266f3a40f851f07ce13a7e3fac0677c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
add6364e9551293e8e7661ec65ca1ddb

SHA1
be1ba1e07cdbf731ccede68faba3f4d28b01312f

SHA256
33e8dea5b84247d7e830e229d54821359af334fc5f0065fb7da7514c280598a8

SHA512
1b3f3208de762544989ac7ffcae4bedf92801cad4d395e2bca0b2f63e573ae80842c5a73508f9736d3b62a57b769035d4adf625a5df11313a94dffa3f4404fed

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4650dc753740c012e9f64acb122697ac

SHA1
1dd8b428ecf1281bbce15104cb1426f4c7bd53c4

SHA256
cadfa9af6148569063c2673668435762f9e3c1f637aacc73155f90c51e88178e

SHA512
f5745f1d141c94c18d8c6963379ddaf399c09e4bbc9adb7ffdfd0e9e8ccdb41a49aefe807fe1b2a9ea7773d34f84c9b21d2c3a5e1bac70b0c590ff4fa3f86cb0

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1598393449116832403tmp

Filesize
90B

MD5
93ca3684df5cd1482fb07ed9b8b52e3b

SHA1
68950d8c069c05105c563fac9147585bc1eaf566

SHA256
dde199a3543288c720df60857ed34611b541dff530ebcc02c554e88d59c98b93

SHA512
6082dcfe3a7ccd4aed284affe47a03b90f6fbc0de29e071f41cd50925ee72d2456a1e30d39d75ba3c6448c35f2d7d21f1517608af6afe511ad3d5bee2cc84a9d

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5367392051222614019tmp

Filesize
556B

MD5
74ff458fec1c7f14d699dfed92deffc0

SHA1
8e4a585400b14d012df53147885e5f8da6bc89af

SHA256
94eeed66271ab623ee847bb9a2edbf5c42e8925b80018ee8d123533c5e3dcb0b

SHA512
6bb12450173c1eddd62c3613490a8d7369c99d3d5dbf47dde833c5b26798933d21232f9d6e1e68b7f179b7696be4ab81863435816685447b19b761e08061dc96

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
7c98917440570be05f1154e22aa153b8

SHA1
9542a8903646b6a518e8be0553c9ad9899bdd4d8

SHA256
bb70e97115049241a1d007b234d3c2f2452063cbc34614b6024646a0b1656173

SHA512
b000824598d6f24dfc2ed5e15575ddefa2fc360648667b73ea68f6ad3bd573e957ef8365607b6b955727d7b15319ee1351ef506e980bcbbe101a01d705ae0266

Download Submit