Overview

overview

10

Static

static

10

Ayugram 11 beta.apk

android-9-x86

7

Ayugram 11 beta.apk

android-10-x64

7

Ayugram 11 beta.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    01-12-2024 15:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ayugram 11 beta.apk

  • Size

    4.4MB

  • MD5

    feedafe4c66cde1f66f961bc7754867d

  • SHA1

    e1dbe1085de47e4ee009ffb741aad4139d85378c

  • SHA256

    838ede639600416ee0bdff08ca17386481d0f4fcc988c7d48b40f239bcb1d1c2

  • SHA512

    e4fee7caa7f8d4f41fd4b1d5ffddf34c53c0dbcb5adf401e9d518e9a2dffef7c2502e95380560a001cb455d5db1a6947e86952755190f5d4d19a202e3c2d75dc

  • SSDEEP

    98304:EsxT04V/PAfCSKqWGmwCx7CmzrzBVTo0tEmoN6h:E7FEGmwCx7tzzT2A

Score
7/10
collectioncredential_accessevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • expanded.powerful.ln
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Schedules tasks to execute at a specified time
    PID:4498

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    33B

    MD5

    670fca6f75d33f98d97c7ebf37cb1b26

    SHA1

    67d8207f948456a3b94f3858ffc0257cf64f8ad1

    SHA256

    86ea4faee5fbd67186b6874589156233923f2beb5e7806e55315e3dd40d1d5f3

    SHA512

    8b1872f155741e169e14b4a51ce8051d9e642b85fd179fba7fd98d479e1d5361bf8caa6ee4ca9139af013a77e1c72e6143dba65df60bc0d469d096253b9efe7a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    33B

    MD5

    99fe1c139a4a82bb13535f02cd9f8d9a

    SHA1

    e5fed6c55c884b8f938a04918b5922c91681f795

    SHA256

    b65340f5f9513c06f3e02065d259cd9a3de109fdf0563300c163b06e77704348

    SHA512

    edfa69c0fcc4da64eaed539e4748886694e31a031b8822d85b993c067597bb12231d0af973e2ee7aff56ceca73c09ff1a8a96613193ec60d7097011434206509

    Download Submit