Resubmissions
13/06/2025, 13:37 | 250613-qw645sam9t | 10
09/06/2025, 08:27 | 250609-kclq7sbp4t | 7
01/11/2024, 07:56 | 241101-js2xpaxjbw | 7
30/10/2024, 09:11 | 241030-k5n22aypbs | 7
Analysis
max time kernel: 48s
max time network: 156s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 30/10/2024, 09:11
Static task: static1
Behavioral task: behavioral1
  Sample: certificado.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: certificado.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: certificado.apk
  Resource: android-x64-arm64-20240624-en
Behavioral task: behavioral4
  Sample: update.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral5
  Sample: update.apk
  Resource: android-x64-20240910-en
General
Target: certificado.apk
Size: 17.9MB
Malware Config
Signatures
Declares broadcast receivers with permission to handle system events (1 IoCs)
  android.permission.BIND_DEVICE_ADMIN: Required by device admin receivers to bind with the system. Allows apps to manage device administration features.
Declares services with permission to bind to the system (1 IoCs)
  android.permission.BIND_ACCESSIBILITY_SERVICE: Required by accessibility services to bind with the system. Allows apps to access accessibility features.
Requests allowing to install additional applications from unknown sources. (1 TTPs, 1 IoCs)
  Intent action: android.settings.MANAGE_UNKNOWN_APP_SOURCES (Process: com.support.litework)
Requests dangerous framework permissions (21 IoCs)
  android.permission.ACCESS_FINE_LOCATION: Allows an app to access precise location.
  android.permission.ACCESS_COARSE_LOCATION: Allows an app to access approximate location.
  android.permission.ACCESS_BACKGROUND_LOCATION: Allows an app to access location in the background.
  android.permission.POST_NOTIFICATIONS: Allows an app to post notifications.
  android.permission.RECORD_AUDIO: Allows an application to record audio.
  android.permission.SYSTEM_ALERT_WINDOW: Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.
  android.permission.WRITE_SETTINGS: Allows an application to read or write the system settings.
  android.permission.READ_SMS: Allows an application to read SMS messages.
  android.permission.READ_CONTACTS: Allows an application to read the user's contacts data.
  android.permission.WRITE_CONTACTS: Allows an application to write the user's contacts data.
  android.permission.CAMERA: Required to be able to access the camera device.
  android.permission.READ_EXTERNAL_STORAGE: Allows an application to read from external storage.
  android.permission.READ_MEDIA_AUDIO: Allows an application to read audio files from external storage.
  android.permission.READ_MEDIA_IMAGES: Allows an application to read image files from external storage.
  android.permission.WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
  android.permission.MANAGE_EXTERNAL_STORAGE: Allows an application a broad access to external storage in scoped storage.
  android.permission.READ_PHONE_STATE: Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.
  android.permission.READ_PHONE_NUMBERS: Allows read access to the device's phone number(s).
  android.permission.READ_CALL_LOG: Allows an application to read the user's call log.
  android.permission.WRITE_CALL_LOG: Allows an application to write and read the user's call log data.
  android.permission.CALL_PHONE: Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.
Processes
Network
MITRE ATT&CK Mobile v15
Downloads