Analysis
-
max time kernel
146s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system -
submitted
18-11-2024 22:10
Behavioral task
behavioral1
Sample
6f776aa6a65111d37c63d4bc16eb2fef12ab53a41b4d93469c969f1e5e81484b.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
6f776aa6a65111d37c63d4bc16eb2fef12ab53a41b4d93469c969f1e5e81484b.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
6f776aa6a65111d37c63d4bc16eb2fef12ab53a41b4d93469c969f1e5e81484b.apk
Resource
android-x64-arm64-20240910-en
General
-
Target
6f776aa6a65111d37c63d4bc16eb2fef12ab53a41b4d93469c969f1e5e81484b.apk
-
Size
760KB
-
MD5
72bd35f4e36f366e45a88456c2b740a3
-
SHA1
5548bea0dfee8a3dbd83671a9881a67a6cfb45e0
-
SHA256
6f776aa6a65111d37c63d4bc16eb2fef12ab53a41b4d93469c969f1e5e81484b
-
SHA512
0065df0dd1281be9ad4e32a54f8aefbd5d41e166a020b0f994494aeb5788eef3a50f3fa3dc806313dc06b1a5843ad190739188808b790983c8c6568011391bef
-
SSDEEP
12288:mf3+nlsa1a8Lre8b6JGzf75WmpYshXZPbGwidNpgIO:mf3Pa1a2e8aGzf75WmD9idNppO
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 2 TTPs 1 IoCs
Processes:
cmf0.c3b5bm90zq.patchdescription ioc Process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch