Overview

overview

10

Static

static

10

launcher.apk

android-11-x64

7

Analysis

  • max time kernel
    160s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    24-11-2024 19:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    launcher.apk

  • Size

    5.8MB

  • MD5

    65635fb39660436ad3b7961d7825c511

  • SHA1

    3d2894a74e6a5d6a5d8ef057738f5c601dc5cbdc

  • SHA256

    bdbd5808368922e89a14318417fe893076a0b37914a264ddcbdd3d7d2e45ac15

  • SHA512

    d5924c9d55368a1247bd246621254f20eca2623be6470b50e2156ae2c9aaad593ac784071db3ad6c4dead80dc2740b8bb1217672d5a685388c934656e6027099

  • SSDEEP

    98304:bJ/v1eHdwEHJ/VGu5aSXTnzggGnW+mzOaLE83LyzB4v0mOVw6f:Jv4mEHJ/PTzgg8WZzOaLE8pM

Score
7/10
bankercollectioncredential_accessdiscoveryevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • build.ledear.yvjzd
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Schedules tasks to execute at a specified time
    PID:4448

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-24.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-24.txt
    Filesize

    25B

    MD5

    56ddf40eb66d9e1d6980855c307771f8

    SHA1

    004e36380bc0068d0cd8679e8dec9ab2be72179a

    SHA256

    8b4cb11636c9526db4fb7b39fa9d92cbf6ade64666de7d4beaf25a6a1cdc78c1

    SHA512

    1ab2e7f2e9545184a4e1130d1f1262a8fdaf3366e0d5de113bc0db90ba9c6f609226db7d9456b3e90357d110dbb59d15ae16efeef8733e1f23d3d97b7480afe8

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-24.txt
    Filesize

    41B

    MD5

    47bf4896695dd37839081267ce5bdc7f

    SHA1

    5a22524c99760b6bedb78a471103b776441d0184

    SHA256

    6695a9937b4d80e5da880643272faa5aab78d45be90b092fff8a9235a9e65c67

    SHA512

    d58d5bbc32e115e8a46efdba89dd9df622c439fd9356fb13974279d09fc5eb4b5391be5a376ce91648a0dfb5fae6250b3a799107e4e05a755f496383ba1de146

    Download Submit