Overview

overview

10

Static

static

10

5415d740f2...3b.apk

android-9-x86

7

5415d740f2...3b.apk

android-10-x64

7

5415d740f2...3b.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    06-11-2024 02:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5415d740f286a1ff7f7a22df18a9910c66841402a151a37b7fb2bb673b1cf63b.apk

  • Size

    64.0MB

  • MD5

    b261bda3ea80addbea9e282f840ebe10

  • SHA1

    660ea4e4177fddd07ad4aa70eed41d100e6c9938

  • SHA256

    5415d740f286a1ff7f7a22df18a9910c66841402a151a37b7fb2bb673b1cf63b

  • SHA512

    ef9848686f672dcb9df064bc2b8abc4735009a7d20b8ab600274546eb060b24dc07277633e3ab9eb0baadbca327339f7b1d283d83961c2c8c8bd1a4068f6958c

  • SSDEEP

    1572864:5DaeuGCBiCYbdIqLcuc4ET4SoxM1m/9DlQrct2zOSj5KF+Be:pCcdBct4Dx7pQYq/Ur

Score
7/10
collectioncredential_accessevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Acquires the wake lock 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • rel.competition.closer
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4264

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-06.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-06.txt
    Filesize

    29B

    MD5

    0330478a07d4b5e0488ccf196966c176

    SHA1

    7e0ad1f9ece697fdfb4757d53ba3b1ba247bbd2a

    SHA256

    bfa96b5b81ec911eb68b5bfc3c3d669dfa97e2cdbb53e1fe0d05b177fc4f285a

    SHA512

    50e75409d9db149e05001ff27e863bc2f6278f8d42b1c7b1ed1c1bfff9fa6c8fe2219a107c8d95ef93cf698b91e409224693175538c5d5a6793e0d971791ce4a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-06.txt
    Filesize

    45B

    MD5

    54c6a11bcfee5ba7ba120c25db4c3ea2

    SHA1

    84ace4968ffaca96ceb4963474d0982b5aa7f8b9

    SHA256

    ba02e9b68f9ce65fca9fad4f1aaad7bf04a06d0a4518d6be015d98010b410f34

    SHA512

    e4c5c7cc1d8f9e88ecea91408eca461daeb659a52b5f17e10bb33f50b8ee5e9255124c4c0af4bd186756bd36b08a76398858709556fafb625d45303b75df9d2e

    Download Submit