Analysis
max time kernel: 145s
max time network: 167s
platform: android-10_x64
resource: android-x64-20240910-en
resource tags: arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
submitted: 22-11-2024 08:04
Behavioral tasks
behavioral1: sample apk005.apk, resource android-x86-arm-20240624-en
behavioral2: sample apk005.apk, resource android-x64-20240910-en
behavioral3: sample apk005.apk, resource android-x64-arm64-20240910-en
General
Target: apk005.apk
Size: 684KB
MD5: 874a2d006e3df683e3d84a0b6ffa7427
SHA1: 28f90d85bea9dcec6c246d2e1e0d81d20d84bdfd
SHA256: 758cbf74036ee718530f699f327b9c9eb833f6f2ca495749ed7614644d98ac7e
SHA512: 1f59fd316c5405dd18e8ac07319440fb14e02396759339b411cf01b0b7f6d35fca1c326a4f4a2bae322fd3ef3003bdebdd11b89de2537af6bae3e3a70a4a20d0
SSDEEP: 12288:DphYy/p6FOjENqxpXPcRZY90ipEKbM/qd6IusT3cgtN0Fvm16Rq212gXH:NhYKkYdpEomqd6IHT3SFvm1GNjXH
Malware Config
Signatures

Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: splash.app.main
description | ioc | Process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | splash.app.main
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | splash.app.main

Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: splash.app.main
description | ioc | Process
Framework service call | android.app.IActivityManager.setServiceForeground | splash.app.main

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
Processes: splash.app.main
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | splash.app.main
Processes
Network
MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution (1): Broadcast Receivers (1)
  Foreground Persistence (1)
Defense Evasion
  Foreground Persistence (1)
  Hide Artifacts (1): Suppress Application Icon (1)
  Input Injection (1)
Downloads