Analysis

  • max time kernel
    146s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    07/11/2024, 22:07

General

  • Target

    3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c.apk

  • Size

    4.2MB

  • MD5

    3e69c1cfd646775c4268fb372cd8ff0a

  • SHA1

    95cde53346ca0045d0d59336eee628cf8b41bfaf

  • SHA256

    3103a0feb052cdf2a34e19cf2b0bdd24afb6e561d920f5b882db371f7dae049c

  • SHA512

    313bcb3a7b9ca7bbc1fcbada800064a407e256a17a5d2fe8c67b4d7dc0f83c6368007d084060fb231e92e95b697289b0c8dc3589676bf1b6e4bb2ac3f35aa838

  • SSDEEP

    98304:y0frnh84XGSJ+wvrw0SMt70GxyB6ul6nAYpnZx3wy8T7Q8Oa0Sf:x8oGSJ7rxyB6OU2y8T7Q8O3U

Malware Config

Signatures

  • Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Requests disabling of battery optimizations (often used to enable hiding in the background). (1 TTPs, 1 IoCs)
  • Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

Processes

  • apples.searches.recommendations.exchanges
    • Makes use of the framework's foreground persistence service
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    PID:4468
  • apples.searches.recommendations.exchanges:watch
    • Schedules tasks to execute at a specified time
    PID:4542

Network

        MITRE ATT&CK Mobile v15
