Analysis
max time kernel: 144s
max time network: 159s
platform: android-10_x64
resource: android-x64-20240910-en
resource tags: arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
submitted: 07/11/2024, 22:07
Static task
static1

Behavioral task behavioral1
Sample: 3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c.apk
Resource: android-x86-arm-20240910-en

Behavioral task behavioral2
Sample: 3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c.apk
Resource: android-x64-20240910-en

Behavioral task behavioral3
Sample: 3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c.apk
Resource: android-x64-arm64-20240624-en
General
Target: 3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c.apk
Size: 4.2MB
MD5: 3e69c1cfd646775c4268fb372cd8ff0a
SHA1: 95cde53346ca0045d0d59336eee628cf8b41bfaf
SHA256: 3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c
SHA512: 313bcb3a7b9ca7bbc1fcbada800064a407e256a17a5d2fe8c67b4d7dc0f83c6368007d084060fb231e92e95b697289b0c8dc3589676bf1b6e4bb2ac3f35aa838
SSDEEP: 98304:y0frnh84XGSJ+wvrw0SMt70GxyB6ul6nAYpnZx3wy8T7Q8Oa0Sf:x8oGSJ7rxyB6OU2y8T7Q8O3U
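Before detonating or reversing a copy of this APK, confirm that the file on disk is the one the report describes. The following is an added example, not code from the report or from the sample: it recomputes the four digests listed in the General section in a single pass and exits non-zero on any mismatch. The only input is the path to your downloaded copy (an assumed command-line argument); the reported digests are copied from above. SSDEEP is not covered because the JDK has no fuzzy-hash implementation; compare that one with the ssdeep tool separately.

```java
// Added example (not from the report): verify a downloaded copy of the sample against the
// report's hashes before touching it. Reported values are copied from the General section;
// the APK path is an assumed command-line argument.
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.MessageDigest;
import java.util.LinkedHashMap;
import java.util.Map;

public final class SampleHashCheck {
    // JCA algorithm names on the left, digests exactly as printed in the report on the right.
    static final Map<String, String> REPORTED = new LinkedHashMap<>();
    static {
        REPORTED.put("MD5", "3e69c1cfd646775c4268fb372cd8ff0a");
        REPORTED.put("SHA-1", "95cde53346ca0045d0d59336eee628cf8b41bfaf");
        REPORTED.put("SHA-256", "3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c");
        REPORTED.put("SHA-512", "313bcb3a7b9ca7bbc1fcbada800064a407e256a17a5d2fe8c67b4d7dc0f83c6368007d084060fb231e92e95b697289b0c8dc3589676bf1b6e4bb2ac3f35aa838");
    }

    /** Computes every digest in REPORTED in one pass over the file. */
    static Map<String, String> digest(Path apk) throws Exception {
        Map<String, MessageDigest> mds = new LinkedHashMap<>();
        for (String alg : REPORTED.keySet()) {
            mds.put(alg, MessageDigest.getInstance(alg));
        }
        byte[] buf = new byte[1 << 20];
        try (InputStream in = Files.newInputStream(apk)) {
            int n;
            while ((n = in.read(buf)) > 0) {
                for (MessageDigest md : mds.values()) {
                    md.update(buf, 0, n);
                }
            }
        }
        Map<String, String> out = new LinkedHashMap<>();
        for (Map.Entry<String, MessageDigest> e : mds.entrySet()) {
            out.put(e.getKey(), hex(e.getValue().digest()));
        }
        return out;
    }

    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder(b.length * 2);
        for (byte x : b) {
            sb.append(String.format("%02x", x));
        }
        return sb.toString();
    }

    /** Returns true only when every reported digest matches; prints one line per algorithm. */
    static boolean verify(Path apk) throws Exception {
        Map<String, String> actual = digest(apk);
        boolean ok = true;
        for (Map.Entry<String, String> e : REPORTED.entrySet()) {
            String got = actual.get(e.getKey());
            boolean match = e.getValue().equalsIgnoreCase(got);
            ok &= match;
            System.out.printf("%-8s %s %s%n", e.getKey(), match ? "OK  " : "FAIL", got);
        }
        System.out.printf("size     %d bytes (report says 4.2MB)%n", Files.size(apk));
        return ok;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java SampleHashCheck <path-to-apk>");
            System.exit(2);
        }
        // Non-zero exit on mismatch so the check can gate a scripted detonation pipeline.
        System.exit(verify(Path.of(args[0])) ? 0 : 1);
    }
}
```

A single mismatch is enough to stop: a truncated download or a repacked APK with the same name will hash differently, and every conclusion drawn from the report only applies to the file with these digests.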
Malware Config
Signatures

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
Process: apples.searches.recommendations.exchanges

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: apples.searches.recommendations.exchanges

Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
Process: apples.searches.recommendations.exchanges:watch
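The three IoCs are binder calls into system services, not app methods, so it helps to see which ordinary SDK calls produce them. The following is an added illustration and is not code recovered from the sample: a foreground service whose `startForeground()` lands in `IActivityManager.setServiceForeground`, a runtime `registerReceiver()` that lands in `IActivityManager.registerReceiver`, and a `JobScheduler.schedule()` that lands in `IJobScheduler.schedule`. Class names, the notification channel, the job ID and the intent filter are all hypothetical. The job service is placed in a private process named `:watch` because the report attributes the schedule call to `apples.searches.recommendations.exchanges:watch`, and a leading colon in `android:process` is how an app declares such a process; which component issued the very first `schedule()` in the sample is not recoverable from the report and is left to the caller of `scheduleWatchJob`.

```java
// Added illustration, not code from the sample: the SDK calls behind the three
// "Framework service call" IoCs in the report. Names and IDs are hypothetical.
//
// Manifest fragment assumed for this to run (":watch" matches the report's second process;
// a leading colon declares a private process of the same app):
//   <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
//   <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
//   <service android:name=".PersistService" />
//   <service android:name=".PersistService$WatchJobService"
//            android:process=":watch"
//            android:permission="android.permission.BIND_JOB_SERVICE" />
import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.app.Service;
import android.app.job.JobInfo;
import android.app.job.JobParameters;
import android.app.job.JobScheduler;
import android.app.job.JobService;
import android.content.BroadcastReceiver;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.IBinder;

public class PersistService extends Service {
    private static final String CHANNEL_ID = "keepalive";          // hypothetical
    private static final int NOTIFICATION_ID = 1;
    private static final int JOB_ID = 42;                           // hypothetical
    private static final long WATCH_INTERVAL_MS = 15 * 60 * 1000L;

    // Screen on/off broadcasts cannot be declared in the manifest, which is one reason
    // both legitimate apps and malware register receivers for system events at runtime.
    private final BroadcastReceiver systemEvents = new BroadcastReceiver() {
        @Override
        public void onReceive(Context context, Intent intent) {
            // react to the event, e.g. make sure the watch job is still queued
        }
    };

    @Override
    public int onStartCommand(Intent intent, int flags, int startId) {
        NotificationManager nm = getSystemService(NotificationManager.class);
        nm.createNotificationChannel(new NotificationChannel(
                CHANNEL_ID, "Background", NotificationManager.IMPORTANCE_LOW));
        Notification note = new Notification.Builder(this, CHANNEL_ID)
                .setContentTitle("Running")
                .setSmallIcon(android.R.drawable.stat_notify_sync)
                .build();

        // Service.startForeground() -> android.app.IActivityManager.setServiceForeground
        startForeground(NOTIFICATION_ID, note);

        // Context.registerReceiver() -> android.app.IActivityManager.registerReceiver
        IntentFilter filter = new IntentFilter(Intent.ACTION_SCREEN_ON);
        filter.addAction(Intent.ACTION_SCREEN_OFF);
        registerReceiver(systemEvents, filter);

        // START_STICKY asks the system to recreate the service if it is killed.
        return START_STICKY;
    }

    @Override
    public void onDestroy() {
        unregisterReceiver(systemEvents);
        super.onDestroy();
    }

    @Override
    public IBinder onBind(Intent intent) {
        return null;
    }

    /** Queues the next run; a one-shot job that reschedules itself gives recurring execution. */
    static void scheduleWatchJob(Context ctx) {
        JobScheduler js = (JobScheduler) ctx.getSystemService(Context.JOB_SCHEDULER_SERVICE);
        JobInfo job = new JobInfo.Builder(JOB_ID, new ComponentName(ctx, WatchJobService.class))
                .setMinimumLatency(WATCH_INTERVAL_MS)
                .setPersisted(true)   // survives reboot; requires RECEIVE_BOOT_COMPLETED
                .build();
        // JobScheduler.schedule() -> android.app.job.IJobScheduler.schedule
        js.schedule(job);
    }

    /** Runs in the ":watch" process per the manifest fragment above. */
    public static class WatchJobService extends JobService {
        @Override
        public boolean onStartJob(JobParameters params) {
            // do the periodic work here, then queue the next run from this same process
            scheduleWatchJob(this);
            return false;   // work finished synchronously; no jobFinished() needed
        }

        @Override
        public boolean onStopJob(JobParameters params) {
            return true;    // ask for a retry if the system stops the job early
        }
    }
}
```

None of the three calls is malicious on its own; music players, sync clients and messaging apps issue all of them. What the sandbox flags is the persistence shape (a foreground notification to avoid being killed, a receiver for system events, and a self-renewing job in a separate process), which has to be weighed together with the rest of the report. The split across two PIDs in the Processes section is exactly what the `android:process=":watch"` declaration produces.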
Processes

apples.searches.recommendations.exchanges (PID 5163)
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)

apples.searches.recommendations.exchanges:watch (PID 5206)
- Schedules tasks to execute at a specified time