92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
16-11-2024 02:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
406538111cb91fae5139839dd738065b

SHA1
19ef4f030214e6ae3c07d9f6b8216d47da4fb4f0

SHA256
c00748141c88b422879f6a726dd83cc0efa31f099ef1d0116e13c8c4b42fc6e1

SHA512
66aae06030caf63c90696b4eb73e0bc1a13ccfd62910dfec6b048d44efc49c9d5f0c7e7cb67773d13b58a99e89f6c9bd463fb043d7114aad75388dd049b0cd72

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
9ac3d7b4becc166c911741c704fb000c

SHA1
391a4c4305f924373e265fefa11d31d7e8f8589a

SHA256
296ff29c7c9a950c984e169eae680277f314032b0ec4845eeb15156e59cf4431

SHA512
0b4804c4d3efb3fff2347aff64dc61c454707dffe0e1c562bb407e48425cd4e7f64d3813545c7bf18dda140b4a1870f513174cf22d0ae4cca9282acfaf80068f

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7b65add18294fd79c1dc8b714b2ba7cf

SHA1
ee09d8289d38b815a07b06fa96153f77b4323879

SHA256
2d4b63dfdbd44523b72616e80be080e5dbdf8f35f8b37cf2d67e798014d4da23

SHA512
53946ce0168d9f3c40eb3490163c8b5901e377bbfdf1822cb9324aa4e11581112e93d0a192ccf65f6c04abb2351e37daebdded36c39aa212c9c29c169ea128fb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5392cc5116d8cb418c999987088bd946

SHA1
b2cba5397a11ef5a37d8a6b151c022662a3b162e

SHA256
06824d10a6e645f851c15f02b235cdf8ce218eb43b132c8fd6d9cbc70e4d4fe9

SHA512
7ff3d71c306ac3b6b28393aad443c58a12c616ba732915ff50f4de97674ccb8cfb36f03efb12179ad2dc33fa5f20be5a317f1aa8667e7faa486d33093bf40432

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fde7c235eb8c97798d5cf43b69d5d351

SHA1
1df7333389b2be1661dd056eeb2720aa1d753a82

SHA256
99cc559266dbc2670af291bef749bb3f1093841db680c929610f84b36fcf24db

SHA512
abf009706e17f732d0f3fdc14bb211c402697f3206ec010f9d2958984eb40e13bebf14348d3a6e441c6d6f5ee72a91d003f0580e3c5c65dc705fe70165d3da90

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dd8dde3aa4c6e52138730f148db567c0

SHA1
259c4fe3aa3e8c546e9a4d9850fd644b92176b18

SHA256
7f1dfcf88040666f8399d47f0145b4121c2b9577fbd27e6178d93988075b83ff

SHA512
3a2f231b4acd51f97bada78ba22abb95ef7d0f7ab991904be5c96b7912607a3895e84df7f9e2b331b485d8f6f1f866a542a6296328c6c0b2fb22668537491afd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
b5b0882ea615f05b985e61c09a2a9d47

SHA1
291ebc49f2a6c41855ad8070a7e96472f8cd5f26

SHA256
d8000748f612b5f67a56038b06e062d104abeb76bad6fd6935d6ce182e773e31

SHA512
21cf8ad17d66b4543d57bc63a61e53a4ec57e3aea719f9c1beda09307d6c9303884ef810d5a07d2d468b017a1d283f442ec5c1ab7a148831519ce17adf92c9f5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
fdbc1910f9dc14c5b72078204e5b3d3a

SHA1
6be1c2d7b77e2627cc36e80d311a6477aedbb052

SHA256
880cee9ef359ad30b2d9b6b5742607fc62b4e1f54c0144701e84a9d5a29a8332

SHA512
2b8bfe65b81ff94878ee07c263344894adf5e984b26a5d2b67364a7624763b328755413dea3919ff8acf6259474bce0059471cacc9df60e04ab4661ebceceb86

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
498ae537ebd160705ee28641a86ec276

SHA1
fc8dc7047b7be2ed183f01c7dc93e2f7ab3512e2

SHA256
344444ceb150d2e0184e76e0585759d685c6c7870721f776f1e0843f56aed022

SHA512
67e1b87cc332e715ce6503bc1bccd41b927b4a4ace19ce868175b8a6b121ed51365491e5fb6a39445390f3e1102094ca4470f788afbbdef25519cc877b3043ba

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
15b3e736e3e9050a99d1878ecd6bedf3

SHA1
dded3068ca4a14aec16f54f850a52c9eb720d85f

SHA256
0e8abab2df13344c5d63845edc4690a798f6475289226720a0570972bcf871e0

SHA512
9f7c4db228726bf1742c8b5fc8dcc68e4daabba32cfdf51a417fdf7a0c86c9edc5c2cdcb58485e3b4b320d5692e0f2e95dcd898af2ef48a2855795d06dc66af1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
02a4d1481f3af7c5551177aed0595cef

SHA1
df9f7bb4f82e69772c5dfb1defcfb93c0d1dbf45

SHA256
7bce8521c7353191d9ee6b8adc5408b260a007253b6e600b7b90e50764da27d4

SHA512
a9613b320c3028eea723f8bdc67a1791e9f77833411d6a556327c56100526d9f7b0bd94c7decc595fd8585975257f3c4f76bf43eecc77da74f2767312864b726

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0dbeeef0841cbb358effdd49b5930046

SHA1
a6353a5c1cd069c4674c848b67f8eac1021590ad

SHA256
3ecc4239c7bf2a3bafbff8375573491d65ad25dbf6901a30dba5667897c59515

SHA512
daf5a2d62957ea8bf96bc303e286da081a12eebec86c954e2cfb80dc74bee6e4dbd9e28e25a5123f8b216127d93349aa10813a72b1cb74372d3b64f51342198e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
da2c658d248179b47c99b813b32419d2

SHA1
561a679d72dc9fcca58d79243eef9445d107563a

SHA256
278b889f81b4f2c68422dac1c2b092810a0f427975297d6372c3b3e2ed34955e

SHA512
55b942c6b4f5d80286bd009eb21a154fd0ba395c374049b9aaf3b22904a59c0800749dd7a262afd2aa876a5fde9276fda757a415a53a7f7c5cb54ef86514cb25

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4078326225790681570tmp

Filesize
90B

MD5
14b73d6ca0b493d41e5bb88bddede7c4

SHA1
03e063df62c3b3420d48ce9a13ba8785a4cf2478

SHA256
cb0aaf5693f1e6ed4507ce5477cab231fa02e7abfdc82111d0aaa5ee6acfa9fe

SHA512
39f538f39f449f812a6ec7ed4784592a0086d727e7252e0ca6260bf3b1b0f3d9934af7c15e3893de6734f08c86546ba6eba10c54845b288f8dae0fa9f0c04cc3

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5108924944372839118tmp

Filesize
557B

MD5
3617a934b27ce3711e4ca8c5bb16ab4f

SHA1
1c313491d59bee04dc62cc3fbc4cb0f314d4a752

SHA256
a0edf05f32c1f335f7ae8f2030294bf4b44577f1793d64d14dc198974da6811d

SHA512
bb0199c2d9750055a50cb185d4b68397d6707a97fba6b8fa3af349d279e85c69d33e1c46351c0fbaf8c5b0edb0f84dff80f022162f9a275cdb2f4a77d74fdaec

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
dde03a104c6189569bdd0b8cd9b5d369

SHA1
4365ca918875e66e1bad8e0e667c51847fda3026

SHA256
33e1f6fd828dbc8186151d7c1e934829462240701849dfa6557fcff6c26c1c62

SHA512
e6ed33eb92f57fd16b5335ab893a60101d5046076e976f06b91743e5e98c7057a22534936cb0def24cf4d70dc0c9c5b2ee21700f000cefd25d213e94e3fa2615

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads