92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
13/12/2024, 02:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
7cdf6542168ad0534e28d4a593c16119

SHA1
8157a435f2875f911305221e5288d5fc3ff5256f

SHA256
b9fcbc32e1b7e408283b377248f52023c337c65c5fd2d01017b73abd4b974ccb

SHA512
b3f440d2823eb6ade2015db10fa89d1a77b8370f6cc1bceee956f25930570c65f089c5850488662173806effa652b6a2887766f63560ac5a826decb548613304

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
19a46f82f139502c70d57dc970e53471

SHA1
cd05b0c5467383e5f11fa323375d6beca9ba9c27

SHA256
95903433f5f461434b5bb945bc1af6ae899c7ee287819468c6e5794ba4306db3

SHA512
c2649831641474e109af6439c78df3e390fc84b40867a36e4edf9fb147a93782d061d81bfc28a6c0a50753e44754dc2901a4618cf61f4efdd29b11f504f322c2

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
27c7da7670cdcd7319575b9b1ec9d803

SHA1
dcb2b7e8ee7e3d87b805eb3d2922d59764fb1567

SHA256
3dd987cd0c3e2e7ff822cbfbc7104120e3f18da18409aa7fbc0bdda9518e1348

SHA512
5dbc1d20e2191d2239e2bef8195a4023569d0ac7cfcd85b35e7e99a2a242d0515936e1f9dc3505b50f4782a1f1a31c9b82c5deffd442fbdcad1c647b21a837ac

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f4163750f94f907d8291107112feea41

SHA1
ac74bdda370d01d4ba5959ac9a3cf5ea42429d69

SHA256
75bd7a975dd83ab5379b38f421054b94c042d76b8e1745112a4ee3ba31747c1d

SHA512
627624a081ee75c227308b8513ee307de1118381b6a9c0a997f248e0b380c0e9579ff8c8cc3d9485719cc774e3e08bc30c81bfc0fd284890b445e557d590ea39

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f0849c1651439b12dcb5e08daa91d5b0

SHA1
fade1928f6ed32a1121244542a3128269ae33e8c

SHA256
4b5ff67edcc082f7d2e2dcdcb1511499ccf4b578ded5bdc15e6689f21dd14065

SHA512
e5f245e6240bf86d161e3b5a960c425fdb9672cf26b8329c737f3920e043535e106a2cb6d413f841fcc8eeacf45303e02d9ec9eae7e67ab7925d932ede15b84e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
267086a44566f67492d44b82a1488b14

SHA1
bc93863edf665769205d2b34d614d707b57d575c

SHA256
a76be5cb87253413db3fee4af4fa7cb263f45b56c6c858f31093e4db7badebaf

SHA512
eebeb0b5d51c7c4bbb3ba03b3f4c6959ac49c3ab3f2c864ec7ef22666a665cfb6d9c01106e0b786cacefc884dfbe6218b31aedc53ad52a21db1eb1cfdd5d77a0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e1df25ddc628a8d1234a311577042fa7

SHA1
fdc5d77190ba36ef9cece003347517657a8c2f99

SHA256
181dcb7289ec09a0f4e612bd2005d6999b2cdb0045eba9751f9eda3bb48d66b2

SHA512
385cfddce784faca9471a1531c4b9bac94104221792cfb8ef6169c433dd49327fcf158222ae4b037593dfaccb12271f0f9357910e53ad3c495517fecc0c3f06e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
dc420e02ac94bf609ba956d355eadd9e

SHA1
e48e105f2be1f921afa6805f66756f0471a40c06

SHA256
1f03651286c1299ed30f7daa70ad33b4bd01c524ba6728aed92488b0e5a6f6a6

SHA512
3bf386d6537c949014189916914cef809a36905bd560b0c74fc562733267191c99cc6889e39203bb9ef6fcf5782aa1ce8d1cb3a02cbeda4168de49a97f17bd5d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fdf78a3e883e1d7ebbf314c507a729d6

SHA1
bb486c1f73232341d58f03ef9a7976b0e1aeb029

SHA256
c7b7a1a9ea932f5be1a4b424828bf663c46ea902ecbdc139ac97143964c5126c

SHA512
148a4e2d44544590f522239c3f5dde3063c39ec42c7c98fe76d7b03109f3ac86a46d366b5de78e06d47629ff041d4da76b83de28fcc43c8301fedfab60a07b7a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
64557c2c03b46940283eb182c854cb20

SHA1
a5ac2dde49a2a899b82bdbcbd3ba681c7aa1d349

SHA256
9f9f32147eb43a7061a6f2b87a8ae449db15f8345c1e8448d6c2dfb006e4789d

SHA512
87d3176584f7c4a086674991cc1e0fbd2e512273d041215267e6ac53ae2c39ddcd9b540c51d8f86ded7fe9bfef8a83d7d200e2bb7c92b62197c45d409f71d780

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c3ceac58ba0cd63934f89e7cfca9d07f

SHA1
472fe0ff3fbfef58e159f738d23f055b81ecf12d

SHA256
7cfb7590ab4046fd640bb9782afabe666c3b64e4d45cd9a42e9b26193114a891

SHA512
fffd12de5965a99965da29d1eccea749fe95cea857ac343adb62b02492c247d6d75dacc60d5392d10c92857aa23eee111322db903ad207c19bc0f07c6a458f6d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
126772e9f1cdad4f9169894367cfcb87

SHA1
4c30d55173aa3c058507351508b02f5f0604527a

SHA256
35703869af2839eef2d2b806085bfedba772724dc6ef64e4fd9db29a341c148b

SHA512
776db52eec3db5c85b6ab7a95a79dc8b92ec3289b2177e6db16fca5edb633720148e8565c2cb42ae85436958d4d35b4f38e01b48035052fce00def93cbff8e0a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2fb8c95750f01833018acd2a116ffc69

SHA1
5001ab4f4d00e7e73a6cf425dfcb7488d28f43bc

SHA256
817c461354a175719e2dcff668aa3dea049f323d9b54a428bc0851372b4fb130

SHA512
f5475b4a17544231c79624fb3979d27855ff20192034b67c49ad86993ef98ed60faa94991dc5fd2b02dff4f3dc784c9491ac4b760ae8bb2a9f0464c7af649266

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2740937003416980915tmp

Filesize
555B

MD5
df66ce83161752b1bf503d7fe30a2875

SHA1
2b3656af53427bf90983a39ef082469a893c76a9

SHA256
54497d8e53c27eb227f5938c4a4c9b939777ac7ec8479aee29d2898a64d784c4

SHA512
5d439e255e5f2a3a9abbc56cf23e7fdc16d99671e82871d5cd34378c7fb7ec9b705828c44e56b4ea4e1937f8dda372b35178e2c5d50388308c03dd2e2d9d267d

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6733557871224581012tmp

Filesize
90B

MD5
4f8671acc80a4738172f0b5b2acb8121

SHA1
432d10436dfd4c9725a2b72152b896661e00af73

SHA256
936d294c6c86d15a0a14dd2ce4e7e49ef09597e050b46f527e1b4756b32dfeb2

SHA512
f70bbf0a40327a7f0b26d3022f0e0409e94ffd5c95c1cf3a035167e33fc4694624b0fd602fd9c024e4e6e7a18a65c65a28bad64f1d607b42b825fc699de6f8d5

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
eb76d32f8e4de5a6f0f65ed1c49cd37e

SHA1
5609426a808de15a0c4dadfa457b207e44b46eb7

SHA256
4beba7e09c1e7383b91dcc1e4228c1429e22fdf8b83d3c4fa8a88202664e8f7b

SHA512
bda3f57fd58b583cfb0179242ba9aa5a4960cab6efcc3e8f2b2c6bed43b42dd2c764b4253e5ea2efb14d24e648ea216b4f81f8c41518be62b40bb9ce5bbe2b6f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads