Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    30-10-2024 18:44

General

  • Target

    Pixel Art.apk

  • Size

    5.5MB

  • MD5

    33dc08a89280839d5ebe61f8ba3c5b83

  • SHA1

    6b9ba586147691f86a1318007d35408085a384b7

  • SHA256

    2d5b6806d9ad74062f2cc6cf2dc5e0f6545639a1b3e6c00ca2f5528f09612783

  • SHA512

    836b2d0c30a34ef2ec544326bac9e605881aedc4d61fcefbbc81ee92919904148e493f76fc26c9a9fecacc9b12ec327c44cb5cec9f3a4f35f53bee39823ea845

  • SSDEEP

    98304:959As3Vg0JZ6hzQTs7dyxcP3FtzoNEV5mzMzBiTs0txFzI3:9gai0JZ3Ts7dy6P3ciVMzx/2

Malware Config

Signatures

  • Makes use of the framework's Accessibility service (4 TTPs, 3 IoCs)

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Acquires the wake lock (1 IoC)
  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Performs UI accessibility actions on behalf of the user (1 TTP, 8 IoCs)

    Application may abuse the accessibility service to prevent its removal.

  • Requests disabling of battery optimizations (often used to enable hiding in the background) (1 TTP, 1 IoC)
  • Schedules tasks to execute at a specified time (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • criticism.searchcom.looks (PID: 4627)
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Requests disabling of battery optimizations (often used to enable hiding in the background)
    • Schedules tasks to execute at a specified time

Network

MITRE ATT&CK Mobile v15

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-30.txt

    Filesize

    25B

    MD5

    0300ec2f8d88e07f8983e99b902851d4

    SHA1

    ab19b1319d461e2ca7808025c2d2a1852f39cced

    SHA256

    ff7c4baeb96176e50875a3530f2d6fe37a3ab1c0b33c568db7326e0a52bcf7a8

    SHA512

    d8e7c24644da8672b1df959ded2ee1dc2ab673151a1e987ad1e4a1d52da3e784e076ec91fa096a665d75dd91c7ac9563e689d452e405119352ae4761d93bd5bf

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-30.txt

    Filesize

    25B

    MD5

    0d5535c5355c354fc9673314251ad301

    SHA1

    2f50797480887c0fcffef8e0eee926dc5ac35d99

    SHA256

    05f5a9fd6ff214222c4951e2abf569982e205c8cc7bdfb107c85578207e9777d

    SHA512

    466b1ba376fbde4ed889bba63172cb49ce760b52843bd496dc74a96993a37d5c4f8f13c8ddf46fc6a15b80b1d60ce9f6a220dc5f3345284e1e5f577484248365

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-30.txt

    Filesize

    25B

    MD5

    ba30336bf53d54ed3c0ea69dd545de8c

    SHA1

    ce99c6724c75b93b7448e2d9fac16ca702a5711f

    SHA256

    2d6988fb5afdaafc4e33fa1f71d6f10c95ab5a49a8ec820add5b13eef05439af

    SHA512

    eea34ca526e03349e746d3687ea660b4748f0174fe2ffdb65161e232e08630b345e03329614852ce881a71362ba68575e9dd08fa361a416e5b2fb231e21a0a3e

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-30.txt

    Filesize

    280B

    MD5

    86d3da1bdc14e0832affe21a219dd5d1

    SHA1

    d09d4a12d1772b35311c68a71d423e603d70e140

    SHA256

    9e459cc0a118029b6f18dd781b711823ff9e039d512621add4dd419dfc39026c

    SHA512

    17f56709e795ff4314245963d99a1c21a4fdf695961f214cc76039d38001527c798791f1940db5f5298fabbe9111b999ad1a73e459c2e247f70fc21eead499c3