Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    14/11/2024, 22:03

General

  • Target

    1323fabe06de5dcf3578aae286eab4adb04b827d9b7c6ec4923f69bc8f1f6cd3.apk

  • Size

    2.2MB

  • MD5

    ac96a6ef634d44d5adb587e392d0733f

  • SHA1

    3204687a659d490cfd91c267ad754d454536d874

  • SHA256

    1323fabe06de5dcf3578aae286eab4adb04b827d9b7c6ec4923f69bc8f1f6cd3

  • SHA512

    c206076d321baa4a734cb01fadf7b1319a2aca599a1fac6e612e155c9e1abb446216178ddf62da545a46178f708888cb7b74de5ae6cbc7ca9a944520da07e89f

  • SSDEEP

    24576:Gi6NWGo1ipUh0gz2rjPMrAv6HOuFsLNuPf+kOF4xWnMqcgU+UvExEKpgsfO3Msc7:5xK40U2rTMrLukOWOF415oEKpzfO3Mb

Malware Config

Signatures

  • Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

Processes

  • com.ssabbaiii.onr
    • Reads the content of SMS inbox messages.
    • Makes use of the framework's foreground persistence service
    PID:4328

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.ssabbaiii.onr/app_sslcache/m14122024-default-rtdb.firebaseio.com.443

    Filesize

    8KB

  • /data/data/com.ssabbaiii.onr/files/profileInstalled

    Filesize

    24B
