Overview

overview

10

Static

static

10

aa82bb1770...f6.apk

android-9-x86

8

aa82bb1770...f6.apk

android-10-x64

8

aa82bb1770...f6.apk

android-11-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    14-11-2024 22:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aa82bb177092332453a1a774c60f9c61d1e0bf8b3809f6d15cf0c7d028efa0f6.apk

  • Size

    1.9MB

  • MD5

    4519ee2b39b8ecbd76679a79a18a0147

  • SHA1

    238d9d5911524bd2e3c3c44c4c675c52b67377f6

  • SHA256

    aa82bb177092332453a1a774c60f9c61d1e0bf8b3809f6d15cf0c7d028efa0f6

  • SHA512

    50bd2e04fe84061b16b75f395fb8a93c8768a7747c0870f725cf1126a590b07f5dd98cd06c6a13ffc1ebed339f5783f3832855e4445dca68a6c51c3d3e7bd8d6

  • SSDEEP

    49152:+gmi4seJhBtNLqt91cCkUuHrXPpZ89KGO:cbB/Lq+Ck3HRGO

Score
8/10
bankercollectioncredential_accessdiscoveryevasionexecutionimpactpersistencestealthtrojan

Malware Config

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:5124

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

1
T1628

Suppress Application Icon

1
T1628.001

Input Injection

1
T1516

Virtualization/Sandbox Evasion

2
T1633

System Checks

2
T1633.001

Credential Access

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Information Discovery

2
T1426

System Network Configuration Discovery

2
T1422

System Network Connections Discovery

1
T1421

Lateral Movement

Collection

Clipboard Data

1
T1414

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Data Manipulation

1
T1641

Transmitted Data Manipulation

1
T1641.001

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tencent.mm/databases/Dname
    Filesize

    32KB

    MD5

    0ec8d5e24581e56eb01c45155efe2049

    SHA1

    4de2aebc5e22d0420e54cb553c2739e50481e50a

    SHA256

    5bb1fd7e82a28019975971aae5f49b0eb2ddef4a943663b654ede402d2f7f616

    SHA512

    23f87b81f1b49b80a88b1eab7d5e08e7001486b135bedc434601eed4ab74b72804ae4f907ede18213454dfa9da7058692b012861170306adbe6b12650dd51fd4

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    47d75b03c824b9cd67e0ce245e6ae9c4

    SHA1

    dc0f799f592f86a056d0c1662e09d365b89dee6a

    SHA256

    2f78cffb316e2610b12b02d6a7742f8ae43baa6dada7d9aaf2da3a23c596e7dc

    SHA512

    3a416b4f71f7f933b826398eeef452237f3e80f49dd57e710d8105a3898d253b123be7fb07d2119d3139e45b1129269214c068c0e8915a4ea3e6cb44f24de20e

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    90ce680790c0fa22d2038ae961e4c475

    SHA1

    9e827c8ad8153d2a0a69788a5ecef1e7380acdcc

    SHA256

    e34b41814930e0c357e7f3ea011c4ca8ab9ed409ed35745920c439d75c6caaeb

    SHA512

    0916f924611cd583d6ae84dde07b70b19f56b30e911b658ea1df82b97ccf4b7ff192949d947bf2944f8f890ed2f91916d2f45bf32707e6005072a1697237861f

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    49591f95360eae4bb2fa825ab0b97801

    SHA1

    92fd2300679c13e6d190d14e8827779b464c53be

    SHA256

    71e867cc664a34c17378bc5a0e8da3ec1e2a4fe42188bf10e4b5574a059f2c38

    SHA512

    fc15164b3fe909df0ce8a7465f827ee099b9d39bdcb6eadff4a299a014417327f8fa07588675e5ded1a3cddab313da0e109c2369cab3b00ad743522323e2ba0d

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    617af567e7c23a6af81aa10a887faf1c

    SHA1

    c470219ff51e34ad2b3cfdbe3a8fb9743b7f2e91

    SHA256

    aa8aff30f23c139c11502e3602c053b4c5ce59298f348ea8ff1a6619770321c8

    SHA512

    4a91b041b45227d8087cda6894567879fce4e975d1bcd57f1bae64d74659166704802a71e93475452221023f1963a1758fd543e5be706facf7f6896a091cdb29

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    8KB

    MD5

    146b9f8afcb150825e66878b868a9200

    SHA1

    6238a4056f4eebce3e3a556307c03f183d0823ff

    SHA256

    1a3093da067e8807aaccaef662e73272cba804b76e01f485e3b33ec5941e597e

    SHA512

    3cd5e98f33d264dac8ac088ea43c867cf792ec2e0f5b00104e5bd5baeda160459bed2bfdad61854618be862d6edee595e8a24b595a85d07ed7996d2a08b2b90b

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    16KB

    MD5

    b6e5401f589cb110122da444851ad52e

    SHA1

    e86ab4d8b7f1ef2548ad0a247f2df7ecca9219ef

    SHA256

    6b59cf11a5678f28c2721eaca59c94154212fd173e5289edcfd46c05df7b1425

    SHA512

    0c652215908771f5a302bfa7a794df392279938253ec33db8796f897ed0e016ae7a48f30a4d83b249c531c7fde13e3c8cdcb518b5873b8a4a6cb5b2c1574a2cd

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    c15b17c03475145636d8228b4a91bb80

    SHA1

    90d06d44e75b5ce8384aaa0a3cc6640b3f53f30b

    SHA256

    a889b926e5de852b8be630d5a830aa4a0811371bd252292c3a6943fed3eac67c

    SHA512

    77622061fc53cd3533572fa081f3a163d294c8476ca071e810ba83c647a96c671c7f91a2401cd4ef2bf4b16e1b558637db57d1d1b56aedf8aff53230df07d1a0

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    b0f6c173324585950a03420c3e15350f

    SHA1

    9107c58be151cb5f761ffe0f137e848c49737878

    SHA256

    9d5975b14ce53bcd06e33cbf1448f4f351dd3ea241dfe95d7d96021328a00d50

    SHA512

    4d89b31f15880fb6a992a6ba2d39bdde2517bacdb2792fed631a6497099f5ceb47c784eae53cd155959dc8dc0f6ae7532f640f8cc2584849620dcc5f9c459469

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    bca7981a7715b469e691e1585879a268

    SHA1

    808ef2f6ee1bb18ae5eb25200ddf5388b4bb434c

    SHA256

    ec00acc3cfc04185b8413130dd3daddb3744183e44ccfd4d32390ede9de2dcfd

    SHA512

    01ddd4cfbbcd87bc40b231fdec298859c1c39014c2ba6d34a6d7253dfb7c9f4979d434b5a1f645ce1ebb5ec809b05967d6d79883a6fb9c6e836d64d5f25349ae

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    78779eac2a75beb403e9b52cecfd61a7

    SHA1

    c8cce6eeb7e78b6b635f979eb77b6737bcce48ef

    SHA256

    ec0babfe0b6f78acf9edf655eeef2a711e991ed4dd3716caf0e3017a5db0c7db

    SHA512

    ca9c1de441ae765e6475d67f6545db0c792274b88a15fcda7feb5201d3888676090f065deee37033fd14b605b99a0c2c370a27bc6f4727fa4df51ce7815aa2cd

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    5fc533ca40e04ecd6fc992aaf4504240

    SHA1

    dc4c1fd9223f444f1a063224831583c111eaa98d

    SHA256

    890381202b94e2292c631e28972821c41e5cc412b09a84bad3fb7b72b29dd9ed

    SHA512

    e47cf3ee37f4056b90972c13132e5ba7f678986b535dd5d675c6400fa6a0ea92ec5bb0eb3047cbeb4f9df4b8a8e55269d208dbad263269dff4eff842befadefe

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    8KB

    MD5

    5e8976cbb9b9a33258d5a07bf98c17c7

    SHA1

    fc00fd35ccf8abf7e9b6698f49d7238b76424de6

    SHA256

    ac4551d05ecba533540c1721d8780aa480a19fc2c23972715819949f1adc0b87

    SHA512

    1951b9360ce7a09dd9806e0930e94b2f3925197b8732869dbf70ac4544d38aea510bcfe33ab32f4538858546f2d9891da23f6717a2d23fb43a368237235973d5

    Download Submit

  • /data/data/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    7a4de8d83f8e59749d26598fd84eaa6f

    SHA1

    3ff35d0ddc5d7b47efea28cb9428f12a418c8310

    SHA256

    c23cfc3302d6328df1220c0817e52f32636510ee24b6a6ade90647ab0f24f41c

    SHA512

    11a0d7f715a7f07da32703de3b7656c65433baaeb926ab6d69380d9faa3d46c3b859b4ef9f6bc219d93eea9d3d8b0504db6bf8fe7303bb4e8467a6b4a3379245

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    126B

    MD5

    45f2f925436d275e154168583c707689

    SHA1

    cacd3978e2ad5976a0b82fe1a8d21cdf891ec19a

    SHA256

    1665418cf38f71f1f6147504e8af61a29acd20c26e77d2480288a7693a56dd9c

    SHA512

    0140813991cd20f5a56eefbafa64baac3600f1493ab47878527b06beed061b8c13c872e28184ce64e8bf3e976e20b8584881a216f37a8f00eff436898bc147bb

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    108B

    MD5

    e19dcb56ac4da279f5a5fd4a2dc36550

    SHA1

    b51581b099236ab2c4b01a35a2b1abb9ea0c320b

    SHA256

    f5a3fe97bed95730087366249003c70a9dbc8745c31916f36bc05a7475748e8b

    SHA512

    a21612e97374920f2311dda19964ebdd2a0a666384c85ab4ddbe4b6b3f6b8193374879b7d6ad9452eb0d21d606594d4453c77f65e5385cdcf90ea3b50a453a9b

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    137B

    MD5

    82a295d672456926b2a71020fb20e7c1

    SHA1

    afce24174c759c2b247684042a5f8dbc00990ebb

    SHA256

    842408cd18dc2b43e5f20b94ee39cc5fcb5ea74e7e589470a01e346e8688a7e6

    SHA512

    03f323dc7834680ffb253221ba8d4d9bf0663d53ff27c8a9dacdcff34fd137d3124a06242810c85006d9c3d37c8302d61a5c6aad395b14dd0192cae5d434344d

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    126B

    MD5

    9fc714e4eb9111c21d3dcb6583e42918

    SHA1

    a92b64f4c7009b67666f61452340fb87338b761e

    SHA256

    6aac632f7dfd921c9d498fa44e7ad3d7fd578d7dddc7014c3bbe80164377bd57

    SHA512

    3fb01e48dc46fb8f68cc05f2720e3198bfcf50c8526317d57c8f20390f9494ac54883e0072ce53b5112ae329dbe26d7a4d3ee09ac7979093f83de92804e3eb99

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    137B

    MD5

    409e9848dd4c11fd892335faf16e4b18

    SHA1

    12df99d4be440c46e5f5d683b72601a568f2acc4

    SHA256

    cedffe892548e5ce4f43b513aea0a731418b007dcbe8f4e87c434c23fcd2684f

    SHA512

    474f2805929d4b8978799b46ec457332fa2e140b76c104ad58d49aa1a20e8043163154e8e4789bf7d11574383c7a2c2ed049e45bf41258c4e927481864af721b

    Download Submit

  • /data/data/com.tencent.mm/files/Tree.txt
    Filesize

    262B

    MD5

    599382028dd60bb48adad7c1eb2b141f

    SHA1

    e92812f8826fafab64f0b7c2645f87d4455fd9a2

    SHA256

    d26db3c83fb76d716939fd9df761daacfa3774136a01c35e76f16973f62ac9ae

    SHA512

    d58cffbfb2299e608251c048750878818cf3600dc400386c7b2e31ef8ab430f7f62476fae3e9e956bb739158d121ed5f8fcaa19171d19c21acf630546b8a02d5

    Download Submit

  • /data/data/com.tencent.mm/files/Tree.txt
    Filesize

    351B

    MD5

    106589ba6bbe81a9694a09cb2bb51cc7

    SHA1

    81d0965df54c88b3c7b96b5b306ccf2b9bf2fe05

    SHA256

    375f1bea17bd51ab154a100cc78ed0a41ff5e8215253607ed069d1cba7c3f0cf

    SHA512

    0970d2109d96046c6932b613d4f65d9592c18242fdaa846bd1fadd4c22bb054d7bb997fa480e1f90bfb362bc516248da2ad311a6a750e8920097ddc176bad2c3

    Download Submit

  • /data/data/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/data/com.tencent.mm/files/netinfo.txt
    Filesize

    827B

    MD5

    f04a4e3b5651daada1d00f58e55fc97a

    SHA1

    ce08a9e95818f1f39c6de77f968ba9c8e35c6bb1

    SHA256

    87b00052d31c0b298070cb830deaeec9c4234577c32455db98a3d5d8689488a8

    SHA512

    cdaa71beb0ab4039c0bd20b808eb5a2875c24bd7392e3d145a81f42a4b7786a7a18ac5bb888c9427d9aedb817f520404e7f995ef23059fc060b6f7608b66f294

    Download Submit

  • /data/data/com.tencent.mm/files/netinfo.txt
    Filesize

    827B

    MD5

    f726382c04cc5dc71413285a6c887980

    SHA1

    0e646be36c742ad5d6d4889da53be550ca1cbdb3

    SHA256

    7fc5ef4321e84d9d5dabaef8cd6b85d5580ffc0566ba514ee20e7b5fe1fac32f

    SHA512

    6ff35f5a601b5632ed7acc012772fd2632b2552dc78d3a64a3c29747d487745f80dd32bb07403892cc754646eea6d33d3196dc2979b261035f07a71a63b6d045

    Download Submit

  • /data/data/com.tencent.mm/files/pkinfo.txt
    Filesize

    9KB

    MD5

    de42df6381f44c0dc45891054c656259

    SHA1

    5a76c1ad2ff42094034a18774912bfaa79489c29

    SHA256

    51c06cbd2eee387145a0eac5b55b387f2da3797cfb737cbb151aacc1b145e747

    SHA512

    700f8a3e85a7ea4f1d15aa3046d6c96ef898ac628b797616f94737570b802ee22db555e4d81c3fe91a90c3c92e9bc45aa940d55dc2c876a6488387743eabc037

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-14.txt
    Filesize

    16B

    MD5

    3dfdf110f7f4c430f4fa542e45904636

    SHA1

    dce0cc47cff5934790defb3b3466bf467715db6d

    SHA256

    d0be6a20981050c89eb1336c5d856daf96419a07badc5e7f365089c2299d9ac8

    SHA512

    60596670f78b2a40165d7cae6dca3b7ce1a51dfbb6cc01e2733d3d2a4c682af747368c4956ae8c17a2e24a13386b8629d7bdc63db41d7e20d9d4a86b3ef8c228

    Download Submit