06818925ff56be601315626f14ef841dbfcdedd08ea9ad375a6fb12796aa5443

Analysis

max time kernel
148s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-12-2024 18:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

06818925ff56be601315626f14ef841dbfcdedd08ea9ad375a6fb12796aa5443.apk
Size

784KB
MD5

994cb80009c4a37803e659147ec3a069
SHA1

ff6fb98be98cbdb45732912fb07940b39d2c9ec1
SHA256

06818925ff56be601315626f14ef841dbfcdedd08ea9ad375a6fb12796aa5443
SHA512

2471ae2b3229554cb8404106fb1be03cde523cfa87eac4a41b365e4f14f423d26994a7022f1a7cb79be6359acb9ab70f357db34065b0c796b38c5aba2b7d94cc
SSDEEP

12288:LsZmRGkBX0yh2+x6FQDWjupqFDkeSJ902b/E6hz1GUt:LsZmJSywW6KDWjupqTm902o6hRGa

Score

8^/10

banker discovery evasion persistence stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4434	com.jbhb.hjjhbhj

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.jbhb.hjjhbhj

com.jbhb.hjjhbhj
1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's foreground persistence service
PID:4434

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads