92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
17/11/2024, 02:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4250

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
14e43cf41dda0c1ce7163fbc252f6a07

SHA1
7f1cf6795f17c754e80fd9f95f4ea363f09199f4

SHA256
ee734280d2589892d652fdd5a20eeb145bf10830eb23b97d3211f735a7a96a3a

SHA512
800a5326e2b847206b5d28ff85ffffd3d1ade60bfdf7b0aa856b7f2ae8895bb7d84756bc21df30a9385e588ab83f70bcd47b563f4780a94ded67ce5bb79e1998

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
d2e11fefc1b55b9314beecd598288cc8

SHA1
4302ebf076b628ae7393b41f47bb67a92bd6c2f3

SHA256
df231520624f7895ce5be48e5a3b16c8c9058c52bc9a75d7c89b8817d8c45112

SHA512
940f991404c1828af3fafa980ee00b1f18d7a7df5b482c7dff7980932c19ec49efa4c36f52f9007655dd53ef2c66e52fada8cf38d423a47ce6e07429850f95a2

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
989dc12d1ade7394fba40d6af5599019

SHA1
a64eaa84458e4f5379f6432fd7a3fcf4af0581fd

SHA256
71b563537a68949e82ca512d0f96453e104b1893b287e9431bf32d13621f4d35

SHA512
38c3c2350f359e74c70075f033c1244c6eeaeefa4377be90504aec1dc487c86e02cf35fdf82eb7de6732955035ead29944dc18d30669d1007149d8e5ead2e2cd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2c948a0af949a99fd9a27689b4959261

SHA1
f93aaf67a5415ae26c554cfa44323fc61f795944

SHA256
098639392ba903824e01530a18a00d0df41b2524d514a0a58b99e4f5c97cdfc2

SHA512
8715ec39b2a45ddd28663eb3c3dc7c98439979050def7fa17bb3f7779cb01554828f0759ebd9c7abf8058ee379e3a118d0530a5d49135ef700b7ace4ebda4fdc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5f891ad9b2010c3e14bf36150277638f

SHA1
c0a30aa6b8e30c7402f61ca049c01c318455234c

SHA256
b13a3711ce5017fb0040dd381ac682df5147a9d7eb2e71e35bb443c09363cfb5

SHA512
a86e5ecc902294f92bbc3060a5244634f60c8fe99fb420229929b565346ba41a12554a69086fc8eecd9c70ee1523bb829912b274d03e0969af828ff309b37145

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
32d4f34dc524743ccfb695ea80c5fcbd

SHA1
798cbe76d0e4928fa34679a66d6274f15cc13ac1

SHA256
6bfd0c0e3e2b6f4137a22e2180306a0bb53b69c33d10c9903ac26cc9258f5783

SHA512
8af6b5d02de53f22676c8ddb184d52db43ff1076c0b52519cdbfc2d95cd692ff2cd78feadfa96f875733df70111784845b062c62a0b8a925ff29a5ba4588d646

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
efe412929b392daec3dbdb5af49a0717

SHA1
bd2dd6bdd478170aaae3068742d4d675e24fd5c4

SHA256
76560a7450ce2820b3b09678aee736b79e0e684510586bff0807a6121457809e

SHA512
a520e8034cd8efa81123ee83295b050ca184959194c18ca374c1b2202d4571da0346983ee0fed5ca221f9137a249354e1b708ad6f2cdeecd8bf0815143d25054

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
39cd9c73ff4891211d88dac16a4e322f

SHA1
f2a1aa242eb5d2c0e36801d14cade89f27884fb4

SHA256
d1c69bc80edb42c2b090baceb9694ce75f57660cd72ea6aadd0d8324cbb47028

SHA512
8eac4760ce1261bc56d1ae0c5cdefc94b911389a1a032cc6e3db06a633322110bab26a805c8dd3dc7e34d7794fdc9ba31bb85ed834219952ca4fd3a7b4d23497

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6ad11b013f8934f0489b869068837490

SHA1
8c2c96694aea57f03059627217f768799babdd3f

SHA256
76f386cc51a5a4353a0c4512df01aeee210c7efd8a8d322aa76dbc4515c6734f

SHA512
fdd3283bea399702f6049adaa3c19c158c5618b61739c759a99c9d49dc314a225fc5627fd52dab6e69609f23ec6d086e423b4e10497902301fdbe0e9117443fd

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1426b257c582a61460b0546ddfad915c

SHA1
bdd35141150db7f65a3eb4091f799b5cde7f11ae

SHA256
adad5dc46229f4046de8f2544da1807d297dc2ee0d43254c2be178b865e2eb72

SHA512
16b8fc92a2d799b2de963c8c787a077b1a99a697d64ef32ad773142cc029c32029f32de599b935e24d282558b9b989da96e92b9d64bf9e120ef3919e11baa7b5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f778d264be6a3ba2b57c23f51e30d3bc

SHA1
87b32304daf5df7e7ddd21e4cfc4669076997d36

SHA256
3042279007e182829d7d1b6c91fbca00e78d4bf2a0c768996b458ad8bdc84f69

SHA512
836b7a10cca3dbb89ce3fae00220cd0163dea6eb2533e13295f01d627549df586178aa1ae48e00439e14803630aff3376c1fcbd09c58218fcf6808ce8b0891da

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d879926495abae1abb226c1b2838768e

SHA1
5346c92158c6937e219b1c59089763a004bb9c85

SHA256
b87dbf28598a71e9dd916507b8094ff0bd3b7a707df167f12799599b5b20ae03

SHA512
c959e526dbac09a1c12074915dd21369714caae2d19181f95294a0154f3672afaea365fca37124885ca13cd55cebaf8c9be675c1a5c02a0ff3b984eef9893431

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bc3abf951f150b5a19284f34b1df9f4e

SHA1
7c0a1d664a86be45a6d39c091e98f00f03fc81ad

SHA256
760b164ab3aad3f92db5ee7a1c23eb3989294585584acb89f0adfbbb4eff31bf

SHA512
8f43c234626f77eab4d94fcf48666e5ac9a0999af447699f92245d4a87ed17ad4e4f2e10b30988a6d8de83d1564fb0b16039c58795d74e5394e7f688ac25e9ee

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2297448043050002348tmp

Filesize
90B

MD5
e7729bc8002af97c273055e78ee6bf10

SHA1
fb8d819750059005d88746ab26f4ed32e5b621ef

SHA256
397e22cac6beb9c5403c51d25e36639ee345b6e6d35f6e447151285b3cdbff03

SHA512
200bba7361099a839784b4c7bc826b2d8455808981fa0ea8e06046eebfd38bfeeffa350eb4e93dcc4f998a210ecfd803ef259f4e3bc56312aac8034dd10a2efb

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3754102037487856953tmp

Filesize
557B

MD5
ed56d74c8bb4186d6780c5c8c33769d3

SHA1
4b86ea48800da3276127c2b6f2b87dda9fee3931

SHA256
910483f16a7d5fbecdda47486fcf9dd79bf5139cab44acf7d1e89a9e50fe2417

SHA512
e6be22c5dd194fa9a16c12d0eb59d63d03d093693d0436e1ff9a05c1428d9e8a04ea9da6e641d92dcfd96aa4c2b58768d29b747c1190c8b25059d911407c4173

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
adc3ff0ba25b89d58e75eecf12682735

SHA1
560e5df17be2e475dfbfe50a57973f2741ff6ca6

SHA256
121118f9457e0a04de502d84cdfa40cba45b7857ba4fe15c51588e3352b9da8c

SHA512
a8efbb6ff0df3dfd8173cb85d458118c122e8f157b86bae90fed6f4c166dab3fa3364217b364dd57522f264455e0bdf053bd0d9b365450b0ad920a8d19f4d0fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads