ef7a3cb0b7dacaa9ac1789020cad088605f71e95f2e466422e387b2dd1fe6ad9

Analysis

max time kernel
123s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
25-11-2024 22:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Payload.apk
Size

770KB
MD5

26bc6867474b1d9467b1ecbb1bd35b3a
SHA1

904061991a72c74b95b8ada947be5fe72503f98e
SHA256

ef7a3cb0b7dacaa9ac1789020cad088605f71e95f2e466422e387b2dd1fe6ad9
SHA512

4ebb5ca2ee360c2857809344b311d13a522b22aed947539672fe73cac2abbaeba6ee9dd138e411811692101834a03e2e860e7452959bb3ee8e71dcccdea1e355
SSDEEP

12288:U5WmpYshXZPbGwidNpgCAzYbvVno3EGB6boQNR:U5WmD9idNp/AzYbK3EGIoQ3

Score

7^/10

banker discovery evasion persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

Processes:

cmf0.c3b5bm90zq.patch

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

cmf0.c3b5bm90zq.patch
1⤵
- Makes use of the framework's foreground persistence service
PID:4538

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads