92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
16s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
09-11-2024 02:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5004

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
fab737159e653de94866ad873fed4f6a

SHA1
5aafb4a856f3c7dd6664a8dfe227671d4d37dd1d

SHA256
711a1c4b633599b0555032266e9ddad8244a8603ac5f80f480f74bdac6afbb9a

SHA512
7677c368c80d3ebe8c5ffc7586f3cabfee3150b72d289e293a3b4c27e79ce143355d043a0f7f2fdb9c1b51aca8628f117c4ad74e240750329872f3385e95962d

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e4688ad779a5c5015121896946fab26f

SHA1
fdaf6f11732f2cdc1e85db56bb2a3490739fc5d1

SHA256
d3a8c9cadb91f17dfb3585a744a2288764eb81346560c227b9e7b883eeb4b4f7

SHA512
90298ba229987992d07fc18b9224dcb2d1ff3912d02e8496b641dafdce68832e7f3e005c480a7bb1210e1029a092be2221f04c970f9bda1edd8e3b4cd526811e

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
f4bff48433222bc379394f8163b2bef7

SHA1
84c0db72594c22aaa91035224530056fa7dff815

SHA256
8fd95b7a71e1dbe408bf20f77eb00d3c52a4b68fab1cc69ee47991d74ab4a54e

SHA512
669059fe57aecbd5cb47f08cb335bfb8124e3e4a1df5f06e543d2fb5158a2d4b2ed122914c0f9980207b737804e331244a5483f76f23c22386fbcdc68d5d6314

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
1aa05af1c49c2a044d6797e2ed33746f

SHA1
d03ad41fea9a76f06062657454ce62a2488b1e5d

SHA256
ad62272d93815e1e5eadb74db4970ab90596e690c5b030be25857289f58c23e5

SHA512
6e130c0e00a353dd91144187fbee2906688f70680c61d801cd0e4f084e8c273e1b843f20d96caeb45a4a767202d9ab6306143cbf8b188710e2906e396eb53507

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
81816e49f13cee4b33e0814b6660961a

SHA1
6e83008bcb0324b91c561fc2d0049d4a854225d1

SHA256
61c176f1c14bf60e2c9b2831255b6f826eb2e5f71165e920bac7f83f483f9339

SHA512
5d2e2cd984a2d42d87f9150c439d3dbc1c9143467f786f3cad7e57f6699ad97a4506782d163a7498fd15c4495ec66ef56c4f9bcbc3db0f7a075a9cd09a7b49f1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
94a2d9b6100a3dc07031490267e22e25

SHA1
dbace47777b6257e63a912d532a8b49a0be82890

SHA256
b81527e970ec8da4be71185d354cc9d4ec8a61531ee04648de1b41d07d5fe6ab

SHA512
f843ea6ab277fa0e4133f80c04485a4ca7a36cf71d4a0f9b032e267f472a2769dd0cd85e1f78c8a406a89ed49735ff74aa0fac915917e88ca89e12dc8a621801

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
992fcd1770fb86b796de1f1cae61ae8d

SHA1
5b735a73295265527c5bc985c3f1d1ad06b8ddc7

SHA256
6150ae0962babe0fbdad2ac3e56b990d96d6815d0d7ff58ce61d2c3881feaf00

SHA512
72296cb4c5d591f9bcf24dcd682599eb2cc024902844f8e73ed6c77e3c613c836771d2a0900eeee25e64e61826162cad624a6b983eda3f238e0f4faed9fcbd03

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
28b080578d024ac0cf7021a834d03b36

SHA1
c1e6563fdd0633b0068c706d64ea23b57ad2252f

SHA256
1f35069e7c9404b715692cf6ecc42d9210e743a6a0e7a4ae91b919a1d36b9c8d

SHA512
4aa8fe692d64a5c5b7a5aa06cc35d6d4ab1dfaea24a2cbccbbcd787d13b73baf3e7c80ce28a6cf9989477cc568840ee731ceded248960fd853935ae0801524f0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f871ff700510a56a54fdd56bc41b7541

SHA1
481548c8bc3254a00f497140278597b915460c48

SHA256
ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

SHA512
12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ac32215b746eb808ebc0e83ff1f81c96

SHA1
ade5cd98bf88e54d21e5586b9d85b6c1f7aef255

SHA256
cb07a75de29b6296f2d1422ffedfe2346b7dcfa52010bc83191d86c9c0b4fa5f

SHA512
a891815a8dc8c0063429b64a6d143da278d07355cadcb0222aaedeab4fccebb31d5861bc10d149d8658710e113673523c5c3188cff5bd841d090698dcd145ba3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9e9f8eca9d82f734445930c6bcdd9e33

SHA1
1e9b05f6aac62d6ae27d1edfe895a24f418ed4b9

SHA256
76d8deaaf0e01b2dfc042c789aea25f412bff4a020e95f3b8c3cd5b6cccb7e19

SHA512
885b4b1c7697381fd53e25643ea5ae1356eafc5eb535a76195d99e280918364affadc139b167b4b1bcf1ef5627af6d171bf47346267303a67e5b9cd14b8f85cb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
8eabde584d285f54c4c503612ca91cb2

SHA1
c4d093ffb5d04c37de73f6ebe3437084ae6d92fb

SHA256
c0977457200a2908ef542cc02138635f538b2acdd6e4d01da842ce3adb088dba

SHA512
81ce2797c6c906051e39a199d40774f1c485b2185eb66383273bc1c4d9df33b8c4d4f9d0f132d931873b3ab5ec58f8828f14198bccf12e0194c71e04a40105df

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2ef4079152355d91c5d6593edb1968b2

SHA1
ecdd362b272dadc7d3f2e19cd890ff1e332e3089

SHA256
e1a581c278ee7748cec54a8bb08bcdee07ea8a3b5124b0f2cf59a4b0f1c0863c

SHA512
a34cb13318da0eb5f195277ae43c205755402f8263e5e1ec1f2d6542666d483528a4210bf36caefcc09d8fc943a2c32a60d15875b594dda14da77c86698cdc0c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7fcfc0476cb0cab94f6f48774f04e59d

SHA1
a0b4a574ceeec9eed035dc800c85ace6c3ffc13f

SHA256
e506af7abdf6ec606cf94a519a484ff4986627e773bdc143a14970cb2bf67f63

SHA512
541be5e8784a6d10b86bed02690aba4b52701520715672395158243480d20d27e5899ee1e6112c946d421cc1e40ac1726c2d804cc4b57e304747eea7b77c98a0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9713bbf33c0ce77ad8677cb4ae61ca46

SHA1
3d31d935b278688d0fc3d96677c192eeee7f4650

SHA256
37bb537b741ed4d79e80a75a232ebb45662927cd7de06d7bd1256419674bf402

SHA512
9d93fafce13a4fd40ee59c59e273d1ebedf0f50739651a96b2307598ef3e5791973ba0eb1f9d329537ab6c85226c87a8dec8e93728387c4597980d2af970b118

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6618142890978881260tmp

Filesize
556B

MD5
3206145071fa582ca348dd51b065ca3f

SHA1
8ff9602d36e8c939b00b2ff2fa20b02d670af8fc

SHA256
d7844a9f84a1086250021157178ca2a735aea7cbb32e38d2b3bbee591c267786

SHA512
79ce47ece536809f12eb9073d7ec058c006821bb7ea1b4c94bd0fc0287becd1287cef45bf11c4d5187a656a646dd75a62a03e7c4e5e7404e216dd05188ec9cb3

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7834671398612294128tmp

Filesize
90B

MD5
7d908db9727f7d2805453c8c9741b227

SHA1
6c65924efd7710d7e6f6284d0cd2514d4f962d6f

SHA256
bad9828ef97696f616dad15840dc24e01a9f9fb060a4b787a207106941bc8fae

SHA512
1614cffd07ee18d154c11f5bf04b6b9491f762becbe5e6df24f11247a3d8ea814a52910eb439b15f41418c1ff471f3962bb710f9741cbb2d8e0697bd448bbd90

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
7896c5f56a86409223b1e07eb4ed3e4f

SHA1
c29abe603c7ec907312254619798353802481c2a

SHA256
24384f07f90e03602047b9f60e3462d2a24d9d49ebcc42c6a93a9cbb0c1c2122

SHA512
01081fcb1d0cee6e06b3ebe256e1194f3a0775875347bf26b5f0a6c52d794cdc092608b78b80f8cec276654e4ce11a244ee0166dd22c98d32788dab7d230be5f

Download Submit