Overview

overview

10

Static

static

10

rdp app.apk

android-9-x86

7

rdp app.apk

android-10-x64

7

rdp app.apk

android-11-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    27-11-2024 13:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rdp app.apk

  • Size

    668KB

  • MD5

    42b08a0f6553f50044ba10b989252efc

  • SHA1

    5fd0999749439898b4bfcc88b6af52cf885e7090

  • SHA256

    1638d48b05daffdb02c6d15fa0e2325d9f00734ff5859ca2c606bb89a9edf621

  • SHA512

    7161cfbc772db28581710e7e5466fc7dfae5cf761c70445fb0459d0813627ba41e6ab0045117c355c1985853d6a2914da6363054fb2c2d320174928b191c55e8

  • SSDEEP

    12288:P9ky4l5eixfRFqJ4E3h3Xp9fGuzIw2IgXgUvk7vQusT3cgtN0FHmv6Rq21xg7r:2l5rxZFqn3hJ9fGOIPIgBvcvQHT3SFHk

Score
7/10
collectioncredential_accessevasionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • splash.alfnet.viewappsnew
    1⤵
    • Makes use of the framework's Accessibility service
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4965

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0xMS0yNw== .txt
    Filesize

    24B

    MD5

    8b7b3f50eed2777d6c50bdb3e883519c

    SHA1

    f3f04b5679105f5bd0efc3dda76aa29258ac006f

    SHA256

    3c5f2c9318209bfb1e85b0bc7d92b4c038881913854a4ea1fd7c4fa46cbd0dde

    SHA512

    037435b68e40006b82c78989d7ed7b4751b7026859f62c0c2ba58957638d75be284509b6fd108557fcf452d5696f8e03e32b520d56b37d8f3416a519b6c0dbc4

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0xMS0yNw== .txt
    Filesize

    24B

    MD5

    19e9022a0237abfcb41de0da45b6cdc8

    SHA1

    cfcb8500f6e281eb42e54dbf472cc05fefdf55ac

    SHA256

    6a3ed19be60f504848d404f19e7c3dc35b0e2d623fab204e02d6aa93acc0c4c3

    SHA512

    bd02400d5f3f91054f1bf60ccc35457d6f3d83fccae18b3fbbe22b81c5fa86e430d2886685a6a7777c5714d25b16499be31ce86097e64d3b878c04d89dd2aec6

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0xMS0yNw== .txt
    Filesize

    40B

    MD5

    3a71cc46a72de9883a7b8fa8cbe34ca1

    SHA1

    ef1bbdb281e546b3628a1a845b4941db1ca9e4a3

    SHA256

    c06d9e99f6ee253432eadfdfac6008e211182c3770fd883fd0ff6e4e08a5e201

    SHA512

    f65df913a1f4ecb920de54fb6c30ec52368e3b61043f9e37656f364d420f97d3a816ef2b0c6d9e770521e3cf1818cf9c5d689482418278b3c967a4d57c9bdf07

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0xMS0yNw== .txt
    Filesize

    279B

    MD5

    0772c1a1251db2c0f8f0ff7f3ecb317f

    SHA1

    c769fbc95c7daf9a9012f1ecbe9d0d39c2b04b77

    SHA256

    74cd9570846c7433cbf73b4ee8f41c9a230207a7044bfd3b5a0adeb1341b5145

    SHA512

    16ddd8ccf04fac8cbaadd163ac453b73bdcd991c77c949cbbdf0af7743f206999f6406602da9ce8cf6d866283d8987d14eb772cc43bd70203f5d4ca252090034

    Download Submit