92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
16s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
08-11-2024 02:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4263

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
bfeedd7f4f52acf74c2957da399e6686

SHA1
3e6aa8fb6fd4999c6221ecbb3d76a1986ccd059e

SHA256
699e4dacc10abed72fbaf807eeb440638153bc23cd81cbc1574959063a9f3e9e

SHA512
047b7f4b7c543eeec815004b20ed3746fa1bf9833ac1e5f2f7a05286d4b6daff15a64a9b7bac3e75d777da50d12093ea09a67e9d64222fd3d7550086df2e7292

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
3f93deccf57b1dc6f9faf2c010f7ae82

SHA1
d1c46ba8fcad3f295e30a36e2ffd4daeaee9bf23

SHA256
130495d4b388b123c9291c22595bff6e188f04d9801596ad49eedf8f4c8b5d06

SHA512
fd3ab82927a850b1da883848fdca4fc2c9181d60b00b593b41c86d568ae1574b8b5c889073ac453db778b9494f9cd45cee805a13d266bb23beb27ed6a46ffd60

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9acbaac7fab56d098bdd4f5b9c9c03ea

SHA1
f7296758a26177d3c2a7e108933f894dae31e58b

SHA256
e18947142132dd65b8927bb212ffe18b9d4b8c7a8f8c4701eeb7f75b90d88770

SHA512
fd4cf512d149c4de6c6ffc57340333c5a745df094c1d3c9aa80db28ed3748c3a1b184773c513185a927df773b98933db2046a2e0e99fdf262f03ec494b3f580d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6fcd88e5b387880193f30af65658325f

SHA1
db6452aa23aebeaa4de50f56eea037ae8c4c2731

SHA256
327c305f6210bca924ee84feddbc72864a595082745c2b0b0c68e62c72e626f1

SHA512
a9f1b3234c01b898735a8e9993018fbb2e716de9ebe5050f7e703c813230f8b7f37e6c73f8448a6ccc4f44a05a0e12cabcb3f4f5fa719eb22b23064a5d8937f9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d231179949cd8578ea47340aa2f09fcb

SHA1
2880c2e49b793cd380d6f0eef3bb6eb00dc9d2cc

SHA256
16d4f687a0ee817293b0369694dc25f5cf1371da7c2e471374c1397a281fcd01

SHA512
f116496a84e8aeadb6867b313802917c2eb223c59b47c040fcf0a8628dec9d8e75e5eeca84ee0b47dd4f77238cb9363223b3f747302854fc8348aba475b7279b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
47494a033e2313c541afa7309298b758

SHA1
6b2dfac25668fb5cde8badc7fe6b1a49d46a4a0a

SHA256
50f71b42828810af5b2fecba3f991c72baca909f950145dbc5d6dc3b91e029a0

SHA512
9fb6258589c19456113fec6e37e975e80c2dd09f44d0c61cb860f7c26286fd33e94e55345ffff0d5af0c2342fa65fffe321faac14c00c84f9ebb6fb2fbedebf9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
f8cb406517ff8db96c94dd4a9ce69981

SHA1
1215db32f0c5e45453ec0828f91401815a1bfd57

SHA256
562c3f697c2feb4cf915da12979ec9c5edf3589ec43657b1fb418c3542333c2e

SHA512
399cf1e9176bbfd67feca69126c9e8cff45f8f0b015ea471913a73cae37e607baa32a5854a0f0fe45f6edf3ffa683aa6505c866f58f9653b217ee2ca7a2a500d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
26463a435ba5cf9050951140b031495a

SHA1
f37b53c57f7483bcf8afb03249bd2b07fa10aebe

SHA256
c96e2223e116c2d53ebf9b7035af611d809b0873b7f5bda6148573e2bb5792c2

SHA512
497503d11a23b49259c4142b45cf629def744f964a0e61c2f777f49aed1aabc0dab72e374fa4fdbf4b791e5b81a768192012d2cf709b1374c5b8a7cf50f2db93

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0527aee41d65c93d58dfa666ec8498e6

SHA1
12ee0497d12c36ff891258b9b206a8d4f78c212c

SHA256
a0ca0a942b4251447839c2d6a1f12326aadaf9c9fa71a317728b62f1e3a4a5aa

SHA512
8df4d773064b1c93e5a61cf0633b8fea1c995ba8aa83e49c050b035c8e18be68aa77171b6822de79106bd0b9125860a2e7f11cfb5268d332e33266cc887e4177

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
02b7043c18f4502e9106afad3d2fbd9f

SHA1
af5e52a5227b67c2559da8156b17a15dfd9cc35f

SHA256
69417e7e1a190529d34e86d0750fe6537791be9267bc67969881de8137672440

SHA512
6a9fa876734b66c7fa8865cfd6d2f303cbb4b640ab20691939ba0ebc3683015aceb9aabe1eae74c52f45d6af5f5b2709da343a8e3589652b47796cfeba1ba74b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b3192d38c2924b6029ac526811cd8853

SHA1
f40c3d5127abc8c217e73ee4190885a8e549be17

SHA256
a673985a5ab1a9a76751dd24ee6859e7d5b99871ed96ce6c0c7e578c3cee94fd

SHA512
471333fc1cb26dcc9ac35695a2fc7bf47c2544ea67e83b9d54037a4b101189abd31cb91ba374577f721b429d189259d6e1ef20d6d812177163cd830b7498c27c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
695f0d39bd07f6914caf7b0bf707bdda

SHA1
ceec97ed912d7fac98b210d84f5b80199f3cbd66

SHA256
bec28c251f2c2cfba5177fde123a03621cd23e128c6a7bd12a70005d3b81b362

SHA512
9ae98424beff794331d6aa2256fe630618a92ba95b6bde74752ebb1890d5abbf7bc2eab762896eb6e97e02e151ad8f192e75e430dc930d307c2381af26c82720

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f53da2050ab216094f48ee2197900880

SHA1
52377ce1233f9791a13c909d1329868ac38f683f

SHA256
1dcb9efcc5295c39eef319077b930f3fff50a7d04898d9b150883804bbd40b26

SHA512
e5423bde55ae1e789ee4bf40186188495129b58f63faf4ae765db997a4eaadc64041ae0f73f20fee29bb1cddaf392bb5c8c44f385d1ba2514ee18334ed0a284b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4888894264201017727tmp

Filesize
90B

MD5
4309e7b8756b9f3db6ec9dbca2e5dd27

SHA1
95d2ccfc0440aad8762752d02ca61a2c5567a2c9

SHA256
51bf89367958773876cc13fc03cabb45b3357420a94255ce3ddb6ccbd8ba9b7f

SHA512
061492fb4f3519cb1c7fee523f57e827ad0f8f26862f9bb602ee5446204ef53d9a924880f2e17e473305ad9625f5fbc38caeac55aee0cca21659c442434d2eac

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5701891869837338597tmp

Filesize
556B

MD5
1295cca0b2f60051855944be8bab2eb2

SHA1
93f7545bc9bde472c07543b166705c2eb4410bfb

SHA256
419ced75d9fe78e4a8089a1fd8bddca81ec2206ce59ebf24ec4498e90cc64e91

SHA512
3b2f17db08f9ec3205a314b35a0aeb416df9b5689a684f75a9e610a34415aa5fa5f0fb5dd974063b2a7546c098519a78583b27b927f9d82b0b5a260c305b951c

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
9687ad096b41145c1b78c69fee456791

SHA1
51667c8e88bc24731964d21eef6196ad65120673

SHA256
903c6de497d0306509b8adb1cbe3662d7f3db61e9809901f1e92696e0af773ee

SHA512
d7a2f8925d9dad5e6eb225e16cca1ae87367c10db14ae99a379101720d329b5a9a53974bd774d56305312753c3ae4faf7bd5e1c709883663b7c4f0526ce18678

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads