92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12-11-2024 02:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.systemservice

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ee70a4c49f34903774206ff5a17f53d9

SHA1
9b7e68078fc9d5be6a5eb7aeb5d0df0bedd83bee

SHA256
812a47c8e00e88dfd9c93360e2322cd268d7353f73c953a5158afeee3499856c

SHA512
3ad6bc211ebe8b8fae6077bf61d6c097bf9e8b8a47b20c169526bf939f81c8b1ebefaf20e00601b85d2442f430cbad74925bc80263cca1f73539e9aced99d959

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
2daad96071ff57040797b17dd5c0e42a

SHA1
b01ba22e12cfc6039062516d8f9f7bde223d696d

SHA256
6cd454cee1c876f705f1238d670e6d2ec41d6e046888b568077d538a4f020a55

SHA512
fb0c17b6e67183669595e1f653e898f1da1afc23bd93c480f646d80314aff2ade856c9b589195f660893e71354cc414a352cc203c95d75091745d7dc709502f5

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9a699701ff3386c9b8facb40e06bba3a

SHA1
b2a0cffbe66c354f50023565c201efa960cf2519

SHA256
2337e686cc495c522de5edddbe8228fb12f5b36666b54821baaa14d4086f6421

SHA512
02286d5e9bdbe6f68338c0acc3fc7cbd6937bc889de32fd6bfd773f510607466bcba81b1a6edc90d58974eb74e54cad12b3844b5a7b40f08d1b3d3a859068871

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb9754ce17471ad9328fec536950a2ca

SHA1
f00606eccd85b456121eee2a04c33f1b3c2ad39e

SHA256
c0192ad6dff6241eb89906feea0dd12d6fb02ad9420822537d5f03596327aaf5

SHA512
41452c9ef0e5fafaddb315516f374dba539509ef4fd40377764144aa2fdeb6fbe6b3ab6aba77e9f823734decde18b84a313e816cd901fbbef035eb0b0ca9d0fa

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a35ecb93ce24f78a83c204254ee9b079

SHA1
e5e9bdca72e688b6dc2b0981939b4b6bbebd71a3

SHA256
0950456ba759656211ce333801da907b95a5dee8724395641b64987f190d59ce

SHA512
54d5c0878ae6677241a8da881734327b9ac9ed399c23c54f5393b64afffc0a1b1d134fee369da5154fcf38a2fc07bd6fbbc1dc635820606d155b1a51ae0b3e7d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6cc790da1fa84dfcc315975e53050dde

SHA1
2619f937f519e16d10d0044e999b738f63d66bbb

SHA256
8680581f58c693c76c12e7b4df36ad0af3ec14c9bcfbe8bf88b8ac6c9d4710be

SHA512
b77d7e01e67b3708f228fe5d98b8dedea235523dd02ba45071da05cc61ae489264a474003becca31af75081f12ff49f6acae2d5a23908f945fdf0090879fe082

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
3c1664e9377a64c20ca2d1e63d46cc76

SHA1
64e5111cb40413b7cafb3665d373a2d2c6a760f0

SHA256
f8e4f7eb402a31b6f3042424f1eb25d08c5149262abb516fdd1acc8d81c8aecd

SHA512
5958bf004d0188ed21aaefdbee13a87d5cc30ce2e11e4cbc2a9ec2bbe026dae765d7f5ea89b1793fad84be12b2a44bcd4dcb588f04756b7814e84673ed1f26f2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
9904c1ec744fb2578e746cbd04cb9ac3

SHA1
a33392f927cabf7a7632e6f29cea5169c33b60b4

SHA256
6c171778665a670c48e923150dedc2552cbe982ed50581b31095c946bf0787fe

SHA512
a6616273309472f85761dc6ec623cd2608db38992e4a0fc3130de877d97bbf553e336adf80a341dc85b8bb7ddb468bbca074f82ebd68ace812269d2a34a39ce7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
76b895711371d2ed98639f537dc25473

SHA1
c733bc3acc026c2ccdc7d59e43922a73d6fd4a84

SHA256
d1e5c7065aba9a238f4da3964f7d091a21cd3d8b06dfa10632c36024dadc2374

SHA512
fa98534873fffe7dca983b25a9fad4f2d1e4ad354ab499f9d62d1f0753a837013fecbfc4ff9c16909e0d16bd92436625014c58ff288cca194a59e86a31d79ae2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e68b43d8cac9dce35add8b460176d4f0

SHA1
933819c0931b9d287f10fb416bc4aea3aa258d32

SHA256
d055ef308c878e8649199d26f6e6095faf14119ffd02308d661b57f37be1d206

SHA512
5b0cd0dc744ecfd82c6f9db7b18e1c19c257337ff7ab319ab85a994f1da75e3a22a486d5e8ce612bb26bb48a59427178755e48c7e906df898524253fd053759e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6f4c34ad66429755a41b347bfff257d3

SHA1
33d750e12650296c8d0a5efad0aeb581b3cf1a0d

SHA256
ba21e79c53be92c95fc679d6e8eab6da9758d5d48d2e954be33acc7d75114405

SHA512
70c46bfae811c8611c737ed0363145d415768073b5e0056e649bf782681b476f0df371fe2de3c4468a31baecab560e8a066ec6b9205aa421ff28114760bfb08c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
21790b4cc1cc8f71ec898a15667ca8af

SHA1
3e72ab92c53911afdf33a247611ab344cf60a9e8

SHA256
39a7afb5d9bd2d0bfee9f74db250980f5c32624afab80c8eca19e1a49e99721a

SHA512
2287a6bbb035336e93875be78da408406a05f066fdd77f645097987fcf388d988999f2fa41b201d3f75c65e7ed144b609ccc5b0a77936cb69df24918b6d8177d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ffa6ef840b92bd4b166f46b7379f0256

SHA1
ee013db19dba1903322dd80d8ebca3c2b1dfa96c

SHA256
23550a74fdcfcdd17df3b90af6052d2bb1632bd3619035d30a78d8eb51b0d2a5

SHA512
1cb21d16656060dc8d0d4bafb8fc9bffa691978b8dbc9ea264c8c0bc15e9bd07982040d726dec51428b04035ae202ffc7cf2cd69cfd0bbe2152680f5631c301c

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3672034326482549895tmp

Filesize
556B

MD5
91e70fa5cc301e96e697a48655060dc8

SHA1
1ace5027aeab29d56eb679482baefe4c260eaf80

SHA256
0d941b48e9631d8b99f93fa38858f2e770f1652f0bc4242a5cb56cc01a8d731a

SHA512
04102b5d2af4b42c7a3ac34846a2b6460105c5a9f4944d8af4fae8de71fe8dc28d8e693318865abd5cf737dcd8dd8962965a35d0990c1596b916b6620dbf7cb2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4584181586953941349tmp

Filesize
90B

MD5
d2efd093c0f8d7f2abf075fc79afdeb3

SHA1
cb6797b4dd32ce7371bf60eb2923f9fb6863bf79

SHA256
90c8a6d483278182ef6aa3a29008b761024ad1410cb4d63220939bfd45f82a40

SHA512
ec16ef1636d276a7bff7cbfa6480a49532fe2aae35ba22a88c19e0739b68ff730050da719251e728464d5425d58dda6e4ac4cb247fd2785ee70b1f3ff2ac6562

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
5cd5263198d793b10f725aca5046879c

SHA1
607776145c94ae5ad5a6b9d43336d85e96ed3a4b

SHA256
ed47a3727252c3f9af11530de471b54ffe8c6905d61ec796813f692839e20b6b

SHA512
5cf195060360dfeae797aad2dc7cebaa37a4b59d1a75583fab1f9e58128a5703b8015609744da40dc909036322f339dc312f6955492eb30970f842265efbd474

Download Submit