92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
05/11/2024, 02:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4261

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
0d90584de44fa3d78ee5361d7fbc204f

SHA1
495745c776f1b60a234d6f3962a4a6857b4c73f7

SHA256
47f8f391689dc8e67776cac8478239309fc666a928dc51d75e2d7de6d629e413

SHA512
fd2f4fb93d93e3e4a75bc1280981dabe950e34c0f1756d8448d4438c4cadc2c9f38f2d7e961da9cf823316bc1f4a8df53a1d9d8b616d8a7c51d355a1707a010b

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
0fcf2cce4ea2b81760761f57e6cc0186

SHA1
0727bb5677f7df02e15c07e00c91d546744175fc

SHA256
5103992cf58c93a0eb62a52eeda59227e7b8054c35a98cf355d94478461297e9

SHA512
3d969b6611f10ce7069aae70a8cb0a104bf11bae868101ba672992c300e31d4490bc63de80a168ac2fa8f4848e6e3d7051a95d44497f5715d199a5a43442bf47

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c6b58d6ee215600c955e08a3d261e10b

SHA1
bae2d519ef80e348562bc82830b431664457dea4

SHA256
f6f76486782d02ad48b169ab3e968572837d18acc9d80e339584bcca7bfed14b

SHA512
ab6f064792ca75f706ea2cb56674bc81ac54da9e1df0bf0dce243000b847df94cac6c217e51843ccc7cef7465bd1dc58dd9c13d2b1bf2bdcfa45c9add525c6b1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
560e5f632619f942842f11faaa1852f3

SHA1
0f520bb96e7b9a94aa462f81bb23f1e7085faede

SHA256
35207f05d97fe8ee3fdcac8d3a220c95e07dcb58e51a4d4022f268748f99cdec

SHA512
635015d0dcfb4a6dadcc089b15ca3137af7ab807464d32fc5c36732875e2b74bfa75ce3d73d9d7400230fa4c8f23e2dee7e27dda894da0b5a97526e024463478

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c17b0024b3351753122c5a459c683228

SHA1
9d722f4e0ef3bae0878fae68c90bc0b9c9883528

SHA256
cdf1e7c724175e9a36ea10bd830aff69a3e40fd3947994eeac9384098b1bf5ef

SHA512
055d1005dc07bbab8d45a28916f60c835f09ea6a2e138e64f5eee72a8df846a9684e7ab2b305ed0884ec959d386cd0002dfae03bc6e0a28e5bb8e2479714971b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9dc43d7734326a3e7ad1ec810701449f

SHA1
e0b42484c26ac89270f42526795145eed825faf8

SHA256
86e5f842e5d3d56210aa9a3a1b0f3209c7b15a368105ccacf2b6d35347e3dc1d

SHA512
76b16af83691c5d43a45fe2b70699674b8431bcda6313b9711f2453b875bdb0f300399b77a0d4af571c2108a12a85f8f0c399c216a4461d452f10a78a3cbeeb6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
200c5f171e3eb43ce4db34c528384cca

SHA1
348ebc50a901207e83a8c085eff8510ac4864528

SHA256
284284d78e5c0d4ad5a7b355bdf8bd0dcffdd9f558c09c870c84a216b8092e27

SHA512
00ad4052ee283cfff2d61357e0d88d25e53edbdd9b403c94b600711729f50ee8254d70daebbe8f8fa75273093cb1e2ad1986427e5c93708803708a9789bea27d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
691d29ea1eb516319b9671739f3e27c1

SHA1
cdface52088343769f9a396763daee7e51fe921e

SHA256
aabfb6bc800e5e03b0ef405592e06393fc9639df106fd9c3d78768caf5324fd6

SHA512
e89f504161b1a2a28b3bcf5c1ad7fffd7cdd58a087b518136e7d94b6d411c871cf24af38f5f8acb069e3365613f797a76af47f94bb179e3bdf5b10e5ea42f0c5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4b549a1a665f6741f2c4c6bf10a69b4b

SHA1
ba3dee8fd8e99ccb96bf0790e5841a303ccbb744

SHA256
82ec1853f8650ae9315b630c0c31c02cdab9e6ecb990be059f63c864e2453102

SHA512
2c9f9b336313dfef3bc74f11f2fa57f811b15807eefde12679bc9a60eb49873d7a46a2e90bcacdcd80c4a0a19a4d2184c7ccf854a7f0771d4e5572fa155332c4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3fee990e787ae903b2cc086a77736408

SHA1
d56f7b2bd8ce10c23f3c02d5497e5723e3f0b944

SHA256
6de675cf2497e1ca37fc2791ebfe63d303c6fd88aca14ec16a5df231b1b74fb4

SHA512
42f67737ddffe649c76fad03afc3528d528ee4e7b6da0f462b26547a4607eb099cb8565d70a28e0256aeb7b4fc7d7e172df853a2a87c5465f3225665c6afbe14

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e04f6fb8078edfe2fd2122f4ed324a6d

SHA1
e5c5708d12bc1d764cffb8f33b674a502fc60339

SHA256
21a533e6e2775475c35d84700860d41aee0c3c28624ef91b32c03049c1bfa5c7

SHA512
456e0c50c92dc0da44d304385198b0c16802f5a33884d7fc734467dd0a3946a8ba1d04702e06ff83b61abfffaad34fd26536a473c114d17fb632b57205452df1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
565a3d06f7d5575fabb8d59a827ae765

SHA1
70377870c1e3f32b7f7a545cec44a84f70925595

SHA256
528f4263e52e917ef43d8577cde8f7600af29c15e61a3741ce3d2da355504aed

SHA512
5d0533acac7b44a27b68dd5c418441a622de35a63745af1e22df452cf6b792a189185904f651b1a17217353015ee4633b6f7906c042ce6410a8c4a52d7e65df3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0338a1714367084f93395301dae99b71

SHA1
119535651371e7106c8beaf352d613893e3c2724

SHA256
eeec000639c381e91d8673cdef329a189c09c127ad7f600533568761e1ec790d

SHA512
8c17ac5db822720e387fab5fc69d8a73bd270f02f9d1454034184245fca30eb5ca720e5258c8c66110aa41bb2a60aedfb9fa405aa3e2095fce3ebf4415387596

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3844284187570152908tmp

Filesize
556B

MD5
9da246ed8f944878e44f3b46f35a9761

SHA1
12461e99c0fbf0976f4a25b36788c31b2b13024b

SHA256
b7ec599b626083b73a4d412daf16b8729d03b34c67d0a3f6299e7c6f8e083582

SHA512
81f25ff36386f7ee581f768c2d07b65e2654b4ad309df24c8df092fba52e31af667c91c35f076807b63298aba263e3ec8eb694d895d0f029cd09500dd458ce77

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5491178109690058273tmp

Filesize
90B

MD5
d93385f65ecdcf0bb639e9352850e285

SHA1
7e8d3ae924b6daa9e2b1a0971476faf7206da367

SHA256
964da7aa918a632e3870d8083c402ad4dc52a9cbd85620d6124d32e12f9b9588

SHA512
4b8bf117716994c4624a0c090621fe720c1bb893ad1a521af5d612b4ece7b1a98593962767d30cb0539edd80ff409ae64b6e7e47772bdf863ff37c49ad559338

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
cb89f9bc8e34050a904310ded9c136af

SHA1
4b8363ae52e7bdc1cde6009db7eb00355f435790

SHA256
c9981bdb4b8ff57cd8ff31523af7d0d6abca0210e56ac697dae91914f9b81cfb

SHA512
fe99a203f66931e8ceedac6087bff893643dbff7f03678eb3f91488e777b9fc66424ff0d859e93ecf15617c0f3ae1dde5aa152716a55304a8ebd872acca25a10

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads