7a02c5eb86106247a3e744caced3b621918e7033dcae40c8d4015d12e246abb7

Analysis

max time kernel
47s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27-11-2024 19:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7a02c5eb86106247a3e744caced3b621918e7033dcae40c8d4015d12e246abb7.apk
Size

3.8MB
MD5

0d5b966d999d4801bc81b225a29a2f31
SHA1

b338c125cfcb68e8aeb053d718488a7bf7de9e55
SHA256

7a02c5eb86106247a3e744caced3b621918e7033dcae40c8d4015d12e246abb7
SHA512

9f50d7c5858a1559102e2b764dd95cced75fecea8b5481d5eee9091aee773216d7c75e6286e2216b61b18cc9c24a4ce84b13f80081442ca425b68a9508026dc6
SSDEEP

98304:7oTwrHKDwj/yK2DM+F742qs7QOCbwQb0fES:aDwjo7NNCbPxS

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.errorforcode.netix

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.errorforcode.netix

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

Processes:

com.errorforcode.netix

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.errorforcode.netix

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.errorforcode.netix

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.errorforcode.netix

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

com.errorforcode.netix

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.errorforcode.netix

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.errorforcode.netix

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.errorforcode.netix

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

Processes:

com.errorforcode.netix

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.errorforcode.netix

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.errorforcode.netix

description	ioc	Process
File opened for read	/proc/cpuinfo	com.errorforcode.netix

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.errorforcode.netix

description	ioc	Process
File opened for read	/proc/meminfo	com.errorforcode.netix

com.errorforcode.netix
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4997

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
7d7e13ca9259e4001719207adecddc06

SHA1
f7fa0fe3244bfc9550ec62f4c7bf2814926a294e

SHA256
b223b5b648f3ad8f1ba59dc4f79f3b40a6d3009ddd84773e19c01d341913e3af

SHA512
30b0accb7400abf71d7c3e3bd407bc15367ba5e09c87954ac4dff8d55a28a65fc09a63ffe0f894eaf91dc927c0e93e589740aa85f9c5ff0bb5d6164b00b0ca8b

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
266387328f2ec1dd059f354e537d0563

SHA1
4c7ae6dbc26a10da50d05cc7e4d94c8e2bd787f4

SHA256
c1de6eb9dcd9d89e9925dca0e6c9d88bc0ae15a308523a9857489426ec11f40f

SHA512
f099326078af2ee452486276d8c2dff5b3aba7e2718c1d8e329dcc228e302bb6208d27a08a6d7e6d7371b7af26a89adf31eddc0b006031dee166f196973c4444

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
f1d8fe9a603c98a85d510daeca0ed6a6

SHA1
c74b7aefcc21bf8e7441c268771fbcc2e00ddef4

SHA256
1b6e69d3b8243aca3a99255444a92fb853d2adfb6c137d17c5cbd158c685f9af

SHA512
a1ed9154e6843967065deeaa3181e14d0642fa990aeefab07e33afe3fa5e7c52c9455ac227867a50c751a410c75015ce73408958b0b94bec0c61f1b3531941f9

Download Submit
/data/data/com.errorforcode.netix/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
9261efb308dda7973f034ec4da29b782

SHA1
06853f5168c3f7c3a97ea519acd769cfe160ed73

SHA256
dda8cb30075b59d9c256f740482427df32609a0a663a532283e2c4afd37d2df1

SHA512
45043ffaa52bbf073d5c585229ca34cc0c4567388993f65646ce6b0794044fcc8049a32f8c59875ae6c4a6addf2743697370e0c6bfdac8a2e04b66d89cee3345

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation2090636576513436551tmp

Filesize
90B

MD5
7b4cc57c2acf344951ff32ad7bca3203

SHA1
479efad6a0c359a0829d58375b734ba91ba6a2e6

SHA256
6be6f2e08debd63e0ee4dd1de62fee987d8b6e21ef24091a3f8f42e6bf5cd55d

SHA512
eef72b4fcd56f2edd7517507332dd26a90a04413cc4c115bb2ab617712e7ad0fa991c4e571245b430302444694711ec91a75c8cbfb90414953fdb192c86dedba

Download Submit
/data/data/com.errorforcode.netix/files/PersistedInstallation6049387761566347318tmp

Filesize
567B

MD5
71cab33d7208a33b732f1b11c0496cca

SHA1
f4815c36a70d2a4da7dbfcaa7a924c56e4b0673c

SHA256
e3376a551c47c4e1f2407d89562ba5af1ab51ad2b55856f9f77c4a2a0f56f22b

SHA512
c73ac8919e2f4c4cf031db6581a473191efdcc3c178e5a075eb0933cd96fd93d9ac37553af725b624366abb49d84de5ee9a256bce402e2912abfaead58987af1

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
155B

MD5
a21010716df91852d71c8607c0656d67

SHA1
055831132454ce1aab919abfc18a3ee888097000

SHA256
a81ee85f5ef4a10c75c52b9f0b5a2093a3b7fdbd23b800210109f3e24f71bb31

SHA512
5b02ef9d06975f100382319d6b757c977ad945683761c6401c34ba3b2434ac5f18e415b6fe2a540689e2a6f079062dc22179ad9d51548d2e3fa1e301c452750d

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
214B

MD5
132166ba22fa3128272a4df4af1c7ffd

SHA1
b63e9d313c2bdef7ad386d5c067ee41417e8d9e5

SHA256
eb17d13ea3d776abbbb8386318e603b794f9e3056a59c6fae267717e5c1ff9d2

SHA512
5219634efbc3b38cb9d07cb61fcdee787ce52f72f8c04fd9e78fc17cb65a8dd63bc629456a9e97defd8a6391fdf4a71195aa9de05de47609dc4af75a07968bc6

Download Submit
/data/data/com.errorforcode.netix/files/database.db

Filesize
383B

MD5
1cc1203f0b7ffcc06a2ed5ed660a55c8

SHA1
cd9c29c1572f9ad7a7b6e85823314e507c669d41

SHA256
8a68ad7fba1fabf60494242517c25ae8065fe3b0d291eed5d06b27aebb43ef2f

SHA512
5a63673eb377509f985d32c9d3ca27220ce2a683460d913829848847b94c6f6149976fed020c26d82857706eac43d6b82ddb9acad38e501e5d21e160aec86593

Download Submit
/data/data/com.errorforcode.netix/files/profileInstalled

Filesize
24B

MD5
f52a708aac3b0f97d463f04761a8aba4

SHA1
fc4934b09900582a4b9bf1ff8e40357b0d155d16

SHA256
1c4a56c328ceafb47e0d96065807e0b43e7d2f9c2bb678909688d4711668e208

SHA512
541b6e5ad4b3926e06e7cce0dfb076d8bec4f17232c6d4a16ae26da83bc99a56e0f725fb52ef1b23d92f19f781955908aafac8973478767373350a09e3baa5fe

Download Submit
/data/data/com.errorforcode.netix/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
3ec11d76375b4c5d7449d5807684c436

SHA1
0061ea15bc6e676cb7451fd0c29bf8a12a7f293a

SHA256
0f571dcf9cb1ada0f3f1116089ae7588538bd167e3c4543a14877cb607281efb

SHA512
a63e04a7c7f7075f8cffafbb518f41329013f90a43494a53150287aa90b534e6611ff5dcc30974ad18e15c8b235311a3f08c7a13514ab87d74411c68af4e74b9

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
784c055f84802f54b87eb1fee1e6033a

SHA1
99f8e51d12433e9886d13a0951488fdfa1fe233b

SHA256
57f640c21164fc003b27720181307cfb9aa4a9c9e0964c595b1f37627c50e568

SHA512
2fb265b2464ed7044a1e5a985826bbe40e42bb404dab2d3879d054f263a1303d77c20eadd80fb22116a15839022284652cd8a5382643ed4428a45b319b28ed78

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
ede05954c7d782d331ff7e03f298437c

SHA1
425061f768a9c4d156b88103e959ecc328216b37

SHA256
b1a54a4267d24f35cb1784e3c132436932b7bfc0ab5b18e3a988de8edaf3004b

SHA512
d899f2cc83c7223fc08738475f21e72cf2a13ae8e1908613ba66fa666b7e3de69a248f9c313501b938f0e5a232b08ef4691964c689266bfe7293f7ce3be9ba2b

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
4efce10424b9b3e25763f4f7cda55a96

SHA1
c2fd8a6465e2955f6e7635324c4dea3d9266dff3

SHA256
35bdf20aca37e028998cfe3b2397e005268d24a319d345fcba4f309730288e41

SHA512
d89df0e41d4ca673ee585c07fb62172b17fe8ff080cba59b55a8aaf8138a71b046242ce8c90f26aecefbf2ae47ede003758e1736bc87800fb2b11f39228d9b1b

Download Submit
/data/data/com.errorforcode.netix/no_backup/androidx.work.workdb-wal

Filesize
124KB

MD5
afcdaf128a1bfefe688af7f71e3c7f51

SHA1
d23a2a0e5d8127d65f4fbbd953268b1cdf1d28d7

SHA256
6d329648b79fe2a00bdc0d0e43b6bed6639bbe2ddc8de3d8323d931533ade796

SHA512
2f13094b8c7cabe1c8db7ba8165091a0d0b1bda250a912a2c499ffe455472d1d8c17c914d98d7dff02a9623dec0a7a08e98e1e45b6e5a5407d1b24fb5ab6af2c

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
1KB

MD5
aaa163108a7e79ae66fa54fd6020ef07

SHA1
591d01a1bcf3f82617a682561b0ceceff7a444a3

SHA256
5d379e396d8f70b05e8df2c54b8520a466d5687f3b2272fca18bfcf4a2faad42

SHA512
27d176b516b4070f289645e351b4e9fbe66cc1e47199492ea3c1f1c17b70621b93b1c164d940851417e7eb5763ec5d8f4f1389f330d397712758bbff80746ab1

Download Submit
/data/misc/profiles/cur/0/com.errorforcode.netix/primary.prof

Filesize
5KB

MD5
efcc78de33926d61091476b5cedbc624

SHA1
f3a9f855d7aa134144ada4c85f63767ba3a5373c

SHA256
8189ee2afae6590471c2b3288c61a24d6e7d6fdff869d61eb196d50035536d1a

SHA512
f1ca5a405ddb64e7a88ccbd9b9d79fdfaaf6a50f491e2e47db8e54388ca481d7611d4af989f6b3ddd1ca24255254eba24f95def185fecf68e816e7221a108f9f

Download Submit