Analysis
-
max time kernel
146s -
max time network
155s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system -
submitted
26-10-2024 22:03
Behavioral task
behavioral1
Sample
99c8fbd18500935780f706afe02b3171d9eeb02abab86d2bafe9045624a30b36.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
99c8fbd18500935780f706afe02b3171d9eeb02abab86d2bafe9045624a30b36.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
99c8fbd18500935780f706afe02b3171d9eeb02abab86d2bafe9045624a30b36.apk
Resource
android-x64-arm64-20240910-en
General
-
Target
99c8fbd18500935780f706afe02b3171d9eeb02abab86d2bafe9045624a30b36.apk
-
Size
760KB
-
MD5
99ebc8674f0991544dd85a9d8772d13a
-
SHA1
56a72e6d9037cc7c304d9df150ff71b50311a81d
-
SHA256
99c8fbd18500935780f706afe02b3171d9eeb02abab86d2bafe9045624a30b36
-
SHA512
ca01fef8936b9b05a1823ebaf2adc3f0e18876be2bdb4af419c6a3822d3da0e15e904c6ccbfebedd9e3cf173986628c60eeaa5c80d8e0a7f46f7a3beaf1f65d2
-
SSDEEP
12288:rdl1qa1a8LVe5OopwBt15WmpYshXZPbGwidNpgF:rYa1aKe5NwBt15WmD9idNpi
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 2 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch