92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27-10-2024 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.systemservice

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
a188ecca3d5420855fdce2791f459931

SHA1
18294ec5c3611ffe260548da0f2ca2c49dacd28f

SHA256
d2c586f8bf5270cb69b2f4331f8341fed47f6b5dfda485e49f250d1e93fe0159

SHA512
14a839538292417c3782ad78da899600ce711f4afbdefe162659af775055a5bb771881a3dea209e0d910c1933d0ccad6396caa28371ca1697fde3dde5f00f772

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
b0445e5c8b83259244b04dd2794958c3

SHA1
2381d285f377aecdd4bfccd22867cb74c48666a1

SHA256
8d4d94313a1bf9623ae0738d6acd7e5c5feab6d37eddfdeb5d2900cb47ab8c27

SHA512
a17c3ac70eca4953395116ae79fbc616f1fdf3752e19d6c9a75e8d33595c0eb6d73d4365a4b0b44f3b07d74bcea977d614239008156e4a2c351478f098dc07e9

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
59de1f96422bf256f11e174926fdebfb

SHA1
8a9b3bd3d07b4e29ee2b46cbf784c58a95557df9

SHA256
2b79b9874f9597f115865f3abef43d668617bd255147a69f69a41dacb3093088

SHA512
93e576d8b4256771c449a4a7767744f33e9d1c78074c655400d973d9e0129f56554a3f808a175da7065230b7bcf543af71c641638dd25675e40c809daf149a17

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
526f3d99cfc8590815114bd3364cdcef

SHA1
4a9180b10b10a1f394ae2cced350931639b6efb9

SHA256
956b483cc625a5fffc0c1368bc0cc5afcc5bd5dcdf70ecce8c0c406ec996c1c4

SHA512
5458f732c2eadfef11d28dca94bf4472a90247e3d045b4214d166007521f1bfca89ad1127691d3206c9c00154fb9b5de36dca5824531ee0a53735bb13df0b4bc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
db193b02267d9cd80ebd3d77f79173b9

SHA1
40c6d7746935f0b2a21306d1f0a16f5d7f3c1e56

SHA256
6160f41d81fc07c805a0f92cd9296607bbf241cc7e197cc1be02b5ab54a87745

SHA512
d0d99008ebb72f95339a19b4ed32efea83fa9fa911340a343b7e26e5d7ea0e3bb4170f952ba29c20aa1fafb83169e97827a6f70aa0bcf7c1eee9dbd418ce49ab

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f87d3c07a0ab01696f6dcdbc2e9d3ad4

SHA1
358b5cfa4f85d270ff68b0a8cfb9c1e9b81f7d38

SHA256
ae8f3e9f119d1c9648c53400ec136d12bbbf90fd090f6c22d49a5e6a87d90865

SHA512
a159f7911def55ad2aa94f6cdb50448ba9f882804d57fa89a6490cc648f82afba7623da1ec3e3be441e366759398a9bdcc0262afdb27426873a67694d33cee32

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
3be4299aecbd9b25925a9bd7c2cb30df

SHA1
45219246768c1c9497787c6ce5427ba8649a752d

SHA256
9e076ce593765f87711bdced7b75c616d34f8a42fd94e0ebde6efd9653c4efaf

SHA512
ffeb7066bf591b4e2472965fa5978c7c90f3c88a9157557fc598d1ee84d4335e6d31697e0b57feee3478afc2015fd0ad3628fa8b7824a6f51d4a03a88edb59e7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
652321192999a2a0565030d2c7d833f1

SHA1
aaff0fa48ed15ee7ca11ffc66967c3b88813861c

SHA256
ec767887650d46e29b2367517d1141d81db235dbdab8a8a0cbad28187020d61c

SHA512
83145e3eb8e6b620c5aa79e0dd1b74711acd9bec6a45933821cd694ce37e048c4efb4e96ef2dc02d062a9f8d990731048e5684f8fe95199b9791bfcccf432a0a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
888576afccc317d1e56c23a00e8bbcf1

SHA1
f6a7d179a73f7156780fb44023626a2385d535a6

SHA256
86a4d7f87cbfd1f8a8377a37c73664cfff1cf88d1b27d5cfda741a1520abbc8c

SHA512
9bc6287ae0377d36d0b7d0766ba76b1c6495f8824b59be81c6035b81f90910ebac53096a396789f7b36c816b605872713e9fce4c69eb3898cdc4ad421daa5cf6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f2a77e908d900edc6dfcaa24c95f7699

SHA1
4fb953db54f3df2d4e1ad0e143fc72fa947a250f

SHA256
d875f7d49264a73311b1294cb3293ecfa45b924374b1bce000ce4e0d44aa5ef1

SHA512
57cd649432048b9a1a14bc1a538e4920a67148fd449671403e72dfbf7efab8db4a3a381f3fe8e9d210acbb5ab2993cb0652b4acb6f38be660847f0513a619e9e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
727f7839810692f26114f4c84cba1076

SHA1
21fe2ef4f1f8601bf5d244b5afbae91dc4b1925a

SHA256
8eca06e532441d5480a7494f2cbfc3d2912262b80b0e80ae9835084bac01701e

SHA512
54054b5806f212a72b855f4386ef84e6fbe79ff40f38fe5b9a2d60d6a11703f0e400081b6eb1a243a795d886902fe94ac13f033f46c67feb6bad9f0dd533a67e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
155f11d43ba855def43a50816e3b446a

SHA1
74da8b56a4ac99c1c88f0af5510633f40b146b04

SHA256
4212fb5dc9581a1b711f465046a2caca61199ebb11ca5f49510103b0f533bf41

SHA512
847ebfc7e85ba0a15d1aac2f8583b41688bf56bc7320ac97a9597aa009f705ff486f33aaf3b6154631ae594ada282ea74df1f61ff7f2a759f43d90731fcd94c4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7d119d08987991d498956eb00e11c368

SHA1
63cc0b01703549f3d8f560a05036e8bef0e065fb

SHA256
f712fc6c5598e3f30206bac99ed2cfb85fecbb8527f0989ab1935d6f96903e34

SHA512
85d434b131cda683b8b571fcf678c33d1500545e997ce08e41dca96e4d20b353c99b36fbbc2ab4883d185a02247c9540e48f4a0e7c526e9631765aa6119b39b2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation310656574201866835tmp

Filesize
90B

MD5
2bb066a10a9ad28d368b416e114bd9e0

SHA1
0f9a30479eaff94a1617ca21c66764a112678da5

SHA256
06410596dffc519030f4db5d518444aef4d832c4617c082652b9ec4dbc710e31

SHA512
98ce528dca8529fa221b2f350de2b96bd6f499de546d46c6a3fda094511adc8dd245a8e857c22db65213f8df6381237f51c159fb9b4a4374b77046cc24547069

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4323393072026736551tmp

Filesize
556B

MD5
3f9038afc4e8f0d1f1f8886dfc490447

SHA1
7cc1ef4e79c41f1fb6300adcc313dedb7a3f6389

SHA256
3dca8f8a61719aef41050ccffb0202295f2033480564ba278d9fdbbc9020f7a9

SHA512
66ca778e4b22d3a687814e055f698e941862fcfac212e1d4582140b1925c1e12321c9433cc128edd246e9d08ae3ef71f6e0290995e8f38b26f37e1328180d908

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
e6e0b5ea5aad2a8b6860f85daa92a7c3

SHA1
406f0c434882592899ce4cb1820c02b0949686f1

SHA256
c432292ea4814418539752a1bc22f8661e4f1d3664b3399dbe69556fd0156d85

SHA512
577fac23fe79a817b42fae2607886885c0dfe583ef9236473190eebac3a5a4ab5abfcf3b1f26d8f7f4cac70f46f5f679c527a117f3ea22fd348621f6144f5d1e

Download Submit