92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
13s
max time network
148s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
21-11-2024 02:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Acquires the wake lock 1 IoCs

Processes:

com.systemservice

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

System Network Connections Discovery
T1421

Processes:

com.systemservice

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.systemservice
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.systemservice

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.systemservice

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5129

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
b0bb2aeea11b9e4c106096b31e1b9bc6

SHA1
a82ad36a30dd3e569e5e25ebb26c14056bb7d870

SHA256
ffdd89ce5b8e9dc206fba65838e3dbcfe9a0a9da765e086e2ac6d65310cde77a

SHA512
f0ce281e6472582583b3506bbd2dc1f2d079592158427e00dfb6db3b9e9f681b46dd32c0d91b3bae2c2767361c520aa70074bd384e404f85eaa12c2f9478ef31

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
4acc60641b1a4ccc9eff9d27a043948a

SHA1
ff8f74168ed01cd5cee132a85360db90e80ced31

SHA256
073c906d53c493ac7ffc6d0672e949025966545f4510bed1e695c5a57e3080b6

SHA512
fc45fd6a79b9aef2f2aa1cdcdcb28253dc72bdda84bdc55bb203a3aaf3ec62f68908947357971ed45e4749f377b742c58f2ee5bf5229828d45af43de2b8e0ecf

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e4490d9e10a35c822ac031491bd0048e

SHA1
a63669fe204d893fa177297a1e262feb37cc4cd4

SHA256
31ea419948026792931e151bb099b3890e3e31ad4ab800077ba1c0595138971e

SHA512
fc5087fb9c1a34ad0f1522a8d8bbfc9cd065928bbde182b771dde96aab1eb5d60efdd79293bb0b79f0df0b6286761d50b3983a9bb419372868aa1306cb3f2439

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
1591153d9cd4c9c275ec0d86e71f1161

SHA1
af83ea355039c42bf74190788550ce650c84c9d0

SHA256
f58d8dd1cf4c7d5de26cbcebaf544483ad3cc012dd92de03b51fb52d7b8eb377

SHA512
73fde3f3d2554d9d3492296e0ff0bfaf819bc3578540515dfebb713ac25fa259ddc138304299c291e2f798a35cc08e392e85c63b6afea38ce86172e10aa77013

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a1411bc1398e741a83aeadc9a331d1fe

SHA1
759635b9ed7cb569fcf892e067c47cdd823fee95

SHA256
c72ea58756a38d030e7a5e9011e6c8363771b7a368d94cee49862d88ee068592

SHA512
fb5c8964807b757aacbe03d4536a00b7878530043da93378822a33ba0ef0467cee6b92efe26683a1d7e214b58f44a478f6733c9e9216baed57ce23899a58c215

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
edca3fae58c2333528a694b08ea26caa

SHA1
89d51a0afa30bede68456880ce6e26a7b8a5f89f

SHA256
fb45bc2c969990868205561faa86b0db5257fb11363c5a054205f9459dc3b6d8

SHA512
e8c4455b91b0d3e6be8d632f9c0d4233061096b40a67d803818218967908ae89074d6a2b2f748ebdd8212f89884deae2f5d72dcb3acf1445550e3cd880add2bc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
896a67272756a43504ae12f9625159f4

SHA1
04d83ab0e8f889357f94ec361ea9775bce5b5652

SHA256
551f5d9b2e3b9e5de3886844130bce82ee3b6209b4b236b3477332d9b4446d36

SHA512
f5d0869c4bca4e346a0226cabf84dbcd6dcd0ce4ecabac18231c6fb8b24c5aeb4098220e143f7bdfd014aedeeeb3e9bd5e91c90d8df4d6e0a22bc094239cf497

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3215972384eb66ba7632fa9cdaef8d85

SHA1
61e9e1fc152ea5e451a8d7ec40c1ac3c4f91a081

SHA256
b57838dcfd9d8f4ce15b8dbd55001e137d7b6aa6d0c5039546b026d3c4af2eeb

SHA512
16ce4a90d0acaf1064387f2508aac3d35101a4d4e02580e22d021bf380d52b309b61c5d39c9631cbb906d099b6287b19c59d3b40ecdb9eb88ed5c732f5209037

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f871ff700510a56a54fdd56bc41b7541

SHA1
481548c8bc3254a00f497140278597b915460c48

SHA256
ab18f3bb605f3cbedaffc75b2d5a03fe21ab82179d268331ea907bdcd32c23fa

SHA512
12e3d348199566e137f02b63e4c8b4c722aa086128c0f1cea883d512075b8573d40d889d2b4452d9e3d9c02f523716da9775d93750c242a1a2d9e62f50f60fc5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d086ec6baf13dcf032992de02633af2d

SHA1
67f62cca6b8431867ed323efeb093123f5d6e9b6

SHA256
8e204724fe4cc96f706a3288fe21c672492db6b579cef590a0584ad8d0bebd22

SHA512
fd0639dbf883b9c65af7ca15376ffa44564b4a916f76f12f3341ad7a56814798c990ea7847252ba3d252f7cc352a77d174fef3f618c4d342cebe93a16fd54a0f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d504b5d27aca11a0c1fb63d2ca06062a

SHA1
6dbba3366e4f796e6cf10911d53902a7a1a6bb05

SHA256
1f3d685355b265d9fb430e3056b37008a46ce415a79f0e00febd6f83a80b29d7

SHA512
79a2ce4788aaa2f2d6623478ef3b7f8281ba193a6dc33fa6cd604fc31685e4d9d4ecc53eafc778c5e2d35394c232eea3f98846a57f0a0e6f603aa5183221fa86

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
abe6f0bb63192f393faf8a01db487041

SHA1
495012f56527ca799ccd5919a31d4cafcfa1e685

SHA256
601bed4192aab248d25654261dea822705b1ab4e48c9ebcdad0ad09741696ee6

SHA512
47d330d0fed7e525bf8d552022372ad961f35f6370bfe5049b900c7b65b48a7d55e57f4fb87bbc20cd126c1454eaa14c169158e670fd8448d060d25306941ff8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ae1dc42cea15f7fa6d5b9c36a83a0045

SHA1
39aa6bb38fd04292d373184fec4a6b76da067786

SHA256
db63e8e86327ff2fb8a1c37a5c73055ab6492806b9945d79c054e2a46e17cc10

SHA512
75b630a6ac6410e689927a653edb43f1c2095affe21b33426a34177d7c568d4734d64ca6b8dcd601d9bce7ca1c2c3e7be3efe39f6f9bf6ecab303d6b2603c67b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4d34a7666f6812201477842cd2273a33

SHA1
372759fb7c1dd481a833d28f5f9eeadd31ab7503

SHA256
180dd968bde4ffc625cffbf332db158c0e6fd0c3a17217c06ca28b04c406fe74

SHA512
dc89d1caa9061c8d7dcea11edb5b42589815e8f0541b5bc569bb5ecb5627cb43eef91fb598fd0a874ac44fdd38805c4ee841cc77d0f3956f44cc4dfa6d4576ac

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f3068c2112ad64e8dff1bc11710e4cbf

SHA1
3d2067030517f5620394b2a12e204af60cbe58d9

SHA256
1e3d241632021ec04e3dc6f20d357fe9d933e3df5b8b1667e58c2576d8cab7f3

SHA512
26084fe2d9d585f3a089a3717cec121b7c1137dad18fe7cf3a5a0bfbc246be32d4d9ea2499ce037cb1dffd7caa3643c7149c04fbb5f3fc58f3c9e286238b265d

Download Submit
/data/data/com.systemservice/files/PersistedInstallation108506960574726893tmp

Filesize
90B

MD5
48b94a31850d7f9c103341c0ed7b3862

SHA1
7e9995b40bae1a65972cd09c96afcae7c239626e

SHA256
846e4f94339488c54c7a6ced24bfd6b2ec4ff2bd74fcaca7a970d82c666b61c6

SHA512
307d1aebd8eac1a748df27651d597f4d9d7af56b827b406478e4dbffc8444b6a6634d628b07f9bf54b7aa0dab658a7b7ffc17fbf9000ca25740379ee87b37f19

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3373942979863846681tmp

Filesize
554B

MD5
1230f275c063142d66ac6f14d6854b34

SHA1
99a10a95a5331b4f4b41cf6ce79ea5f856de92f7

SHA256
c8481e0ab1988b3f875a9f3fb45a0ee026cf9a54d1db89ebc2b236586924821c

SHA512
21448e1f5663ffcc11510a75a36db4ae8cd3ea29e6eb71c2494dec5865eb5da69ba2ce49cc6ac689e007cbee0063f5a2a0516e28e34a92c4fab68fbe34e52adf

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
08657fe00945e7759104fec11e3fdd74

SHA1
ea34f27b5b4552650c9a11dd98442e3aff9e4fcf

SHA256
7a34641878196b4f54e5ab0eaa3537ec38648e5bcee528be44f83da758b85a98

SHA512
a1bf2b861ac5d396231fd1349df753d07e27215b3c5d30c02421d969d8e2f4b59fbd1077f0755e4895eacdac5f92b6882e96ab490894e6e3781acf0c559853ac

Download Submit