Analysis
max time kernel: 12s
max time network: 152s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 23-12-2024 16:54
Behavioral task: behavioral1
Sample: 81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral2
Sample: 81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78.apk
Resource: android-x86-arm-20240624-en
General
Target: 81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78.apk
Size: 4.9MB
MD5: c65a69ba8afe5b4f80a04d26b8b6b78e
SHA1: 0ab8a12c2dde9ac88e755a39fa6562bb423fb454
SHA256: 81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78
SHA512: 8b587e133eacfc42e946d9e2c4c9195c1f8d2485c99ebe0ef3a45f7037d792eef7113d287ba242993f9ee68eb4aedc79d7d48881d88b841059fe902497c4574e
SSDEEP: 98304:HPfQWnSNff2dCFZuM876xK9yx3qpA2DSaX+SAYLat7i0rJDi0:HAQv76oIx3qO2DeSAYLajh
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Framework service call: android.content.IClipboard.addPrimaryClipChangedListener (process: com.arzdigitals)

Queries account information for other applications stored on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect account information stored on the device.
- Framework service call: android.accounts.IAccountManager.getAccounts (process: com.arzdigitals)

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Reads the contacts stored on the device. (1 TTPs, 1 IoCs)
- URI accessed for read: content://com.android.contacts/contacts (process: com.arzdigitals)

Reads the content of the call log. (1 TTPs, 1 IoCs)
- URI accessed for read: content://call_log/calls (process: com.arzdigitals)

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
- Framework service call: android.app.IActivityManager.setServiceForeground (process: com.arzdigitals)

Queries information about active data network (1 TTPs, 1 IoCs)
- Framework service call: android.net.IConnectivityManager.getActiveNetworkInfo (process: com.arzdigitals)

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
- Framework service call: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone (process: com.arzdigitals)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
- Framework service call: android.app.IActivityManager.registerReceiver (process: com.arzdigitals)

Checks CPU information (2 TTPs, 1 IoCs)
- File opened for read: /proc/cpuinfo (process: com.arzdigitals)

Checks memory information (2 TTPs, 1 IoCs)
- File opened for read: /proc/meminfo (process: com.arzdigitals)

Processes
com.arzdigitals
- Obtains sensitive information copied to the device clipboard
- Queries account information for other applications stored on the device
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4205
Network
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution: 1
- Broadcast Receivers: 1
- Foreground Persistence: 1
Defense Evasion
- Foreground Persistence: 1
- Virtualization/Sandbox Evasion: 2
- System Checks: 2
Discovery
- System Information Discovery: 2
- System Network Configuration Discovery: 2
- System Network Connections Discovery: 1
Downloads