f50e4fb2b5379ee57eb31ee123e19c89da0201a1e1401a8a4b34d9ae5b5fa694

Analysis

max time kernel
118s
max time network
121s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-12-2024 11:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

client.apk
Size

754KB
MD5

7b1643918f5d26fa70d5fb8ce8e8fa5c
SHA1

9fc18c7328b54c5c3aa9f2bf5af8e247165638de
SHA256

f50e4fb2b5379ee57eb31ee123e19c89da0201a1e1401a8a4b34d9ae5b5fa694
SHA512

4226bcad473adec7c5c9ac69a0b38702488d239b2aab56077872efa8ea61ebce3e485d46dd7b6e39c6463f6e84d82839a27831c05b7f40bbce18295ca2a75304
SSDEEP

12288:1byOB902b/u6LtOmKthmSoEQWPvdVDqFntOS37vY:1byE902a6BpKthmSoEBvdJCp37Q

Score

8^/10

banker discovery evasion persistence stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
5061	com.android.tester

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.android.tester

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.android.tester

com.android.tester
1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5061

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android Tester/config21-12-2024.log

Filesize
1KB

MD5
6e6adeccacf631669feba16faed63116

SHA1
8e52b462eeef7580ab4d2fd7057b9ebac3268bd2

SHA256
3346b2f22a787b510f13af62a5eca3ad5f972696df147149a74b0f4de6aa6fd8

SHA512
42fdd2391a70028d0a70e5b4e471075237d689f67ecb28b5ee4bf1fe4974d15a1ebfbfef6c121ae8a2d005d5444373d58c81f58e2aeab503fa38445751d98a08

Download Submit
/storage/emulated/0/Android Tester/config21-12-2024.log

Filesize
1KB

MD5
681ecbd9a62f9504530e81e2f5403a4b

SHA1
462680e9554a7a4633524a7845eb239a061b8882

SHA256
04c607af7463ba988dff8e251b4734a8f550b554c7d66b2b81ccf71cc91e58ee

SHA512
63fab195a969c935e4c901bc49daa7a45a0f7405a94b268590e199c09293209203de5b011855990412aadc31dd020e79cf30b8bed2be0f90ba4a1dd786ca4e9c

Download Submit
/storage/emulated/0/Android Tester/config21-12-2024.log

Filesize
85B

MD5
1e2d56bf2a23fec51a104f3510c0ec73

SHA1
b8ad0d44c5d0f2fc5302b3846ee3002293cf0795

SHA256
63a98ae6a79233829d9e747346617f632e709bdeff8723686153d5b6f9db598d

SHA512
a4e0abff45d7378ab055b90953ff5a4ee157b9c18c9ebb3f737d748cfd24892d01f0b16356853b640c079f8b131da5149e5a0df28a582684eb2f21929db3dd06

Download Submit
/storage/emulated/0/Android Tester/config21-12-2024.log

Filesize
1KB

MD5
1fe2604c8c8cd30139821530196c6a6f

SHA1
0c4cc3657de1e1e49d611f352fc511d67faef405

SHA256
8e84155864e22be524a66c4af19b80569664f75fedfc2aee93ad33c79e04c4c5

SHA512
d9464ca39d3c7490031632f9a6f11f99a59a07e1bd4dbad73b5b22a712768e9ea1873b98bbb3e35ba83351ca749be2374d1036eda21b52e40bbd24d814e3e183

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads