92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
20-12-2024 02:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4267

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
9c74bc9e5a16ca3a39fc354007c36ee8

SHA1
e9634101576e3d1f675c1532d9676eaab4e614ab

SHA256
ba059cd847b517b0b029feb1d3847e47d1ae95f12f47343f4e13b6baca66c47d

SHA512
a406b337bb738c70730f675ccd100dd440ff486e6177f4040b19485b34dbcca92ed7de480c86cd1faed70a3fc714c1a306fcd326e83ba024509e3e48d4560e3a

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
ed1abe32ec92c971d3f8e163415fe57b

SHA1
91ab8d62e961090ec933504b8b922b5d4597c8f8

SHA256
e3b0994ef1ce91451ff90c2dca4e7a565beae74c32ad4a2beaf4f663b5ff3491

SHA512
e8fbeca0928ebd05a67342ac65bb361ec2889ebf624478409c73db52720b2ce87a0ff700378fdfb6aa08275d45b72a896ef5d1873a0e4d3ac9aea094c883d6d1

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ad43ebcc27b3cc948b60c2771c6a9497

SHA1
bece9ab79cfa4b01c289c51b5621be4e72435f10

SHA256
78eca882e5b741635233b9f35b72f48f901f4e7c4cfb25f64c47cd71b6e6b820

SHA512
39e22163185fc87b8a252ff97f34d1b50dd00bb5d722fbe59ec2cd9f6df53ac6bc660dd2d5ce31bdb361b5a6dbb6c49fa5f03ecdad871aab21201bcdfe21bc2a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c1b30949c4232fb638de7cfe413e7d9c

SHA1
ce88de260da8dec7a3a5ff6f74cf778e4311bcff

SHA256
77bba66f9a57867dfd6aa5a37eca5a115530e99af1105d3952cf00d712ebee82

SHA512
9b6a887ea8eda456ab6e4871a70771124c785377c9e9447574a9235e5b51788406e800b9099d5366fff566874490d1ab906354983c715afb8a6b405774fbb62a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0eac05064cc0ac9dd60cefdb8827fe4f

SHA1
fb2e9740058d8b58c62b51df493c2f16c0558b67

SHA256
5f24af63af017c40951301f5a7e1768b8bb34d4c4a98326718be95ed4849cf0c

SHA512
3af69ea45d49daff28292841d820334ad1878ad611d427619950e1fe996b926ede1e7a087a7e4fc8c03624807671804d4f94047ae2387f950286498caf42f608

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c68abab8f578d0dac4d8897ebbaa1326

SHA1
51160b35083bc70fe0487586956ba720a7068c8d

SHA256
153d871941c26d1d37dd969fdd5fd9f30f33dd50673267d595d4e8fe78a3d8c6

SHA512
9f977becc35dadcb3894da77af9f568fa145cf4c379b3c9d501e28a16bfe493cb41be7fa76dcf7ff4806cc6fbd7e0a075ff2173ee9b71310da8ed5296ea38cf2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c6c588c842dfca22971e1d5c737cfced

SHA1
0aae9ede80aba4bcfe509845bdb81b99220d929f

SHA256
37c0ceb32550fc17579c8888129fc78a0a9c142f273048c815cce7de36c02ce4

SHA512
17a82ae93974051cbc2733eb1b0c78963cb3c4b5aa79fa3e7074a76d9458cd72cf7d00b8090b4efcca3be6f087d446153d020905c22825a4f0eeb676f66230ce

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
c96076c27380a74c26e8d1822abb2bdf

SHA1
bf384e12cd29cf86152d129e0fe0ec49440eba70

SHA256
fa37f464dffabe21d1b572b8a464a23abd7c0c0df19d3d157039f17da90a590b

SHA512
09d0bc13a7dac9919821ac9f044aaae6347ec1319092c59acc984aa7298dd00b6f642cf7982bd0577bfbc64595d5c8424a15a4de2dc7f59f7ce0660db61f49f8

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7810154147a080e27f7c3f21b9c7b0b4

SHA1
5227bc61feb833a9490a420f475ff0e413b0864e

SHA256
32901600c52a31454fa8ed22bf9788e80c362b5ef1b56cc30e5ee13def5580a2

SHA512
b0040de4de771587c6286b5a04b03c9c577b0ec963d6ca16f03eea1050560508448f0ebb990113a17c1a4e2d4569c22e290fe6f3483676583b09308018797a27

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ca59ac14ea53776963e14770a4c4ef41

SHA1
f912d5140be4915b328880d2df2f05d59c48348e

SHA256
e9b93bf5f099209a3cc1def82ecd6eefeaadff9f6ea40d234e1ee0888f747e76

SHA512
8719239047d82a88d298d45399090d87931eb0b1c0dcf05a6a5a87ee956b96685842cb61c1f54555813af8f2ec865dc6a019bf6438eab06fb8f70c99951a22a9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2488f9e0906cef597fe9e38bd52b170e

SHA1
831f974ec0eb9dc057e5a71d36ec61ef7493d1b2

SHA256
03edca28c6480f8099d4017f764004f2014d97ddd32d840c253c7f90c3f9a6d2

SHA512
3f04d833786e470e5c7c5569cd3d1cbc57827861b3dc0a045218bcaa52663ced5a0ca7868d8276c3b985a66da67efb0578358f54500b939ed2173764298b5067

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
243c448f586ea28227b6da3e93ac3f60

SHA1
6ad91565793dfedc0f0080bb5153c78d929a249d

SHA256
f675c38704e42fe3de2d21344c41e30e02256c7183ce7ac0a93099a01179c29b

SHA512
a01ceff13ec17c6cf3627e9ca65ca55abcea003356646426a9e093fd7eabd331a2057802060b920429b7a20b1f319cd152183391f2a81493e164acb3e6afb600

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c8cd81f874cb7ff6ce13dc7a4cafe82e

SHA1
99cbe6eac570be4e207c7052505ba4cd3521d2a8

SHA256
a198f11d995a2729dbda74f8bf082812f83432ec9557a58a2a7498cac8d95151

SHA512
8b09bebf77186356ac8580ccf92c5d071f4775dc00f47d456962201d511c47f5e2fd994d01ed98ce259f521f2b95a6921aabb52dec151096d5fcf03623936365

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5462590042199234564tmp

Filesize
90B

MD5
d4c93311923a50e835ebdc18f7c7108e

SHA1
ced813978ee9fe7c15061bf0548ef6154463c093

SHA256
e6c32cb1218a6451dca1614c4fce00ef8baaccdc6cf8f07f319b1925ffe85441

SHA512
7d00f45fd883d7d14d6fcc3d74034503d4f8d021b234f84780238a133bea3dfd52523032db8403aa2e6cad20f78d405852ae621e11f9ade0927c368ec35c2c11

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7911021357491670586tmp

Filesize
556B

MD5
3fe4e3a778c03196d633d7e6c62a09a0

SHA1
edf50b65c558f7c6e6480e001290dd926386aea5

SHA256
ff6f3aae6b828c682d6d95355b1540fa432cca377cda03a437911f63fff8ad15

SHA512
1412ed07c829ca8e0f7115e76f2ce48c72596bbd07414cac182619bfaec15e47821b3a9e4330dcdf01882ae4bc0b1ac72f191de7e9f37405624f96917a965df8

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
02c4065285ea92aa4147ed773efeb8a0

SHA1
d645743bb501aeb379341a2fd4ad5d03167ed350

SHA256
265e82cea725cee1fcec3e0e2ccca0cb8f7bbc578779a04f175aa5444abbfd22

SHA512
bf71c2040106ad41ddc50b56769918ed06ff19c41f25c0d43c76c05b6ebe2bf39d9f50e2a3efd669e36019a47cd1a102a63461b4c8a5ed1b33f1ea0100c527c7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads