e7ca63e041a7dec9b43992a61495a96f3d776bf05de03fdee8819d8b7bc7ed7d

Analysis

max time kernel
8s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-11-2024 11:10

Target

готовое_приложение.apk
Size

1.4MB
MD5

cfe12001d24e53774b6795ae8bbc2e0f
SHA1

0c661fea62669c67980bb99997c8d25b2b62cda6
SHA256

e7ca63e041a7dec9b43992a61495a96f3d776bf05de03fdee8819d8b7bc7ed7d
SHA512

d1e02f3a0053e6d768cce320ce9caa9afab3d710ac375def30a64fdecfbc01184446215034ff929a1ed0085a89a4171e330471a375dfd76f2e70a069ed2c9cf8
SSDEEP

24576:PCeVnM3hMRUGnbZsRVVrY/0TLkEglI/gzfaUcPjDzOQOsgWfFyfKWNTvxqnqtElb:6eVnUhMaGntsnpY/0TnglI4UbDzOQ6Wz

Score

4^/10

persistence

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.tnoho.android.iric:remote

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.tnoho.android.iric:remote

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.tnoho.android.iric:remote

com.tnoho.android.iric:remote
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4976

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact