92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22/12/2024, 02:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4246

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
f08d167dcf6de5cd6f64139b24022852

SHA1
6b1f8034f77826af77c90b63091489d9ff59dc78

SHA256
cafd5f15881da0475cc6739fc434e8fced0938c8db207c4bec314481a626200a

SHA512
2be1707bb8e03d7a734c0f7d557d99ed612e2271f2fe5acfb229678334a6cc55d077e28ed2922c67a919735a62278e0fda754df4ae1c11a07edb584d4af61292

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
890609e65bc6ad2e1b03f67d2365beae

SHA1
505fc373680e152460c75363f78e69cee2408fd7

SHA256
136d56a1971ca62a8c34ad89caedc7a80ebaa3e2e9925b5142aedff8b1b8b21c

SHA512
514ad46323751d67799489b3044cfdd1e39bb9a6e9e738b2468d8d4a2b41a0ef240d88a4318061d1a2bfbb9b0b737d1571cc8d71c7e9db6a774bece0c0d7bc42

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
278af2d8dc9b3eb005fd1ee71625c7c7

SHA1
f5b4ced47dea111fbbf26a72933f755b4b38fce3

SHA256
2545bb39b5a4dbe0e1bda0cd253ee2c332813491069464e5dec1bd5feecdf1c5

SHA512
9e8853da0e6767fca30ad50e81a4ec5bfa8349717e2f3a2b3e0a09e5a5d09aeb641c09a4487064f81d62eac6effb8ba483cce1dcb3edd20748b3791df0ec8f95

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0a61f1b746743a0869fad5c0dcc6dcdb

SHA1
741c21a2845f58c547e620be2c3c5bf0ad715dc5

SHA256
3916d697297df284063cd61d7c642bd8cbcac71a80ab2b120e4218af4f86e376

SHA512
c651e6c237588e21ea7bb41543bf069658a9af619acc467213710c69b9d610ebfc9bcafa6bc49789c8c688af27863c7baf6298a1faf4aa7873889b45c93b549f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0912beb9b6216e10afd89d726e8dd956

SHA1
db4ffdf54d40ab034bde369af5bef169044fb48f

SHA256
54c0174ca742dca6aacd8cce0c8f9f2978c2d330f621567ffd43abeb232312c8

SHA512
948db4834f7c3bddf916b9fbf491f5ed9312339cae82b6be51a5dc7106833d09095dfd6358702cf4b70acfe8b3ee5121338e528968d71c9ad96bff0ed72a5b00

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fa1c2624665384f6d5135fea70d1aa0f

SHA1
dd49c49cd8c9314e809780b3dc38279d52568eac

SHA256
ef60eaabf7386cef32821fdfe4498078262d312605a9a2f0e81405dc35d1ab7e

SHA512
b91ad59368bb234dc2fa8874f2782c9197c078c4363e0f1a19145ec73cd793de60c6bc346a0b6efa54dd959887121228f72f55f243eb6e46026ef69681d2224b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
b36f55d6a4dc663bdf0e9a96e8d91c4a

SHA1
70021ac57cd30397634e57553d32915d320651b4

SHA256
3b4866123cb30b29b6edbd86a222526aa18e80786656491672b1ca05b021c137

SHA512
c953619706a0014bf4c67396953aabbaf50b8cd1ac07e5c0b06b615aba288c3464fd9e5e9f2f38ef158d7d7c9a7e4831a8f74287ec13511777d380be07f7d690

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
eaeb5e199c2f728ad2c26cb39d59a14e

SHA1
3ec83232d3753e195cbb8302f8b3684d87b7bbaa

SHA256
6b1ad7e15aa35e919175ce889582a963358a6bfaca8f7b022d39e7d6e4e190d3

SHA512
f6edd16f4ee5bde8a5c5a378daa8238cadcd1ef8eb060096ff6888297019db69f4433e426242f49ded6d9ee1e121b4b92bbdef8d3ea243f68bad6c46a182ddeb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
096b95656de5b3c8a2cac346607ac7fb

SHA1
b64aa9087192fac3862df33395109d4c0be84adf

SHA256
a73dce4f526c2dc310f48cb8c74da73f81d1818ea24f2be1fe7babded2326475

SHA512
7c1a0e59e18ed36a4369d3f0b69f2c6ff9adb58ccf919d76078a5731aae09fe318bef4ac4ad81c2a4f706823f162f186280f990aae9eeb0631523add4e251db2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c92ef1d05914f55724b1d2dccfe95865

SHA1
5d80d73ddeb0bce2ba50b9af03d8a9956804b751

SHA256
ec09623c0063fb94910af15560a3aa88c3f30be00d68705f2c2666516d65aa19

SHA512
217be4bf31875c72188d1382c8d416ba3e242bfb382305d1595c3a5864be7db576915bfbe890c8c9773502de7f3768d5163121370b5c9272e86c36f2f1676ae5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
618b6cac38d5d7313137aa3527056c8a

SHA1
f5aac1209bab608aab354a8e2b6e660aef1108d1

SHA256
8e323c2f811c8a21bc09ef69996cff1362885e5a2fc79819cf5e695ab4f1e677

SHA512
148b546fdac6f61b8a62c50fd250f37d3a9e4dcbe84ca5899cb0836d40e887326a0671fe3b73586b378dec61d905344b758b61c67dc60dc5eb4851eb7fec0e9f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ff4d7b8ff0ef7c333a62fe4943e97040

SHA1
cdd2937d297aa4ce17fa972d6c2ccd62135f179e

SHA256
1499d680721d61b970edd03a4587892ac698848215c9d3885c2bd2fa4693bc3c

SHA512
fba9a06483b398d8490df5284aa2441992aa83c468e4ee21e251f456a14d43c12e810074c4f91c9c78d73ee77a404108780b892429f05f73ad2648b866959bf7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a61b47aedd4086b826a0272a75eeb326

SHA1
74855f2de217b3e8e5361833b1bc2c37072344dc

SHA256
00d87d42add0cb46692c56829b1281b3793e20358c8eef0b46ef1ea0b6d385ac

SHA512
db0f46d97f9a2b39eab8f31887f691f5d11fa4baeb790cc9e6e98be5a67f3ee5ae9340079330001467add34090630ea0c3437a9babf54a79fa6c9a02530cac51

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3168795462474063256tmp

Filesize
554B

MD5
0ab461171675175a58ddaf5eb10149f0

SHA1
909b7c3a65f2291174cf8cd5eabbe49e503af97c

SHA256
4cbba48d4551a977c1ad7032fdeb70560f214a09a84912b5a4e2ed56dc7cab95

SHA512
0ffa24b588d19ed91083fedecb1c831700ec0754184e2fb0c65314226c0d7e023280ac6dce06de1eae2803e92cae9d0089572870947e7e943b2b90b555a2694a

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6521048407607472242tmp

Filesize
90B

MD5
bf4de87456bfa6b6f867e700193807ee

SHA1
b096fb1a282a3dd77d79a6986b83476eaf5b930b

SHA256
0c9c51c8faccbacb9a286c137c8d9d725496632849fe41405e7347853dc2c030

SHA512
5e2478831256d311bde71fb4e44e7054799336ecf18bbd9dff0c0adad1a1195e3840034d11a2ca1c3858f78123593ea83be9a3661e3d65d13725665b96014829

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
78214a06355df3cdc9ed42f28e2eadde

SHA1
aa2da221efde2d0f3a76fc7f3cd714e6c74847d3

SHA256
70ad4328416a62a46ab706ccf07bbf8eea2ed4a5184b180b63b41cfaecc738ad

SHA512
36c094e759bcb44e7ea75e7bfdad77103481e0b9b804113ef773676711377b54ae9c2ba0f28d5800f68391e3935f5297822320583cf63bcd446f1df027389a04

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads