92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
16s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
26/12/2024, 02:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4259

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
91b4e3e25bdb3521adca5ac7dc0b8b9e

SHA1
ce67a4615f64ef71c428b1b2647276bef54c7d03

SHA256
87c3fa259d9cd5299b8d605884b483edbbb9c9229094184f0565207f3d5e3ede

SHA512
b4e177913a9064e4fb2f3b19ae23da01debe05a7d99ea5c09bfda21d456edb6bc37ab3b7133028fdd57c1f9021c7af4239f560adfd31bc4744d70a48a5c18051

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
e6fd0b3b93cd0d81a08cf3a2f07de754

SHA1
87327d9624bed0bf59fb030ab436ca5a7dbac57d

SHA256
2e1cb697ad2451316a53ea77c93d76ed7ae220f2551368ac4f2bfcca3f6f381b

SHA512
cebf9977418592ab1d87638728b9aaa6d4240b41a3d1a6602e04cdd1db9fe19e1dc33cffa9f840326a3215357eab5592e990e7d249ea9b1c5cc40a06d33c67f9

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
463ad44ba093a8b0c6df3232528389c3

SHA1
74b0cc757a258b16ee97e425d3ae6f4036b5ddab

SHA256
9d9ec15b4d3c87200091dc450abc36ea0aa47d7da2ca71af62397812768b210e

SHA512
8635c8d2592343a59bd431a4ef2d3d1d683d11fa7ef7fc265afad19d937e554b08cddcb54f75707f13fe81ad9526e4372040c454d8dd9f171bf0948b9f9f154b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0d8bf773bed9e17eb6a46ce469491f63

SHA1
067c05503e420b0db964839df0ab10082e973f60

SHA256
ab1472ae4e54788b32e0ffb4e04c8e649882e2cfe71d3059f1ced575d0d55290

SHA512
5eb6546c5b34d617e1a2bfaef8ce9c37c8949a04c1d015a5701b58391018a42ead91fd76004cca34934c92eb5d9c4133f152dd04cefdd34baa3c1f472efbc67e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
13f34e03583f82edae43b6c93c687c21

SHA1
9e3c307663e504e38d8a03f0d3908aec8a4ba360

SHA256
4e3933a22a50fe2b2c638980d01d1a34f9e62867dbf8000a20c1d474a2d3c9ce

SHA512
9bd82930793b3d6ec0f4528bd672d687b847fec589eb22e66f4b4fcce9dd04a70111210e99e4139df3a4d1e1789f947dfc0e0dd93adc563e9de9a95afc4a1b38

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1e4865888bef560f1463aa48a7e916f3

SHA1
171c0f2fce19927a84a6f433537889afbfe0f14a

SHA256
f1e5c3cae0368eb3d4bdcff09da66607acbba55f523c38a70ce9bf1658d436c1

SHA512
a8276097214548549636a9839c4e0c5073e1642811e66ecf74c778892396322a4128037fd8229b3834237ce5f7230015654aeee3f0de5b6796141d980924e2fc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
110de2a2890f607b08ff223592031d8c

SHA1
98ee6a792e07bfe12a67d95afae2f8618ca1a660

SHA256
c0ca638fd84197673f5f65238cadf7afbc86aa40968a4c7af618a65e3afdcba6

SHA512
3af2d3e082cdad166ed54429d629fb3c45ca1dcb1679e80de28963f790239510b09a273e0b513fe7965d1a310781df086dcfacfb04c352a9be5a6fd4546a2c30

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
110684b4b57a603d337af8f82913414c

SHA1
d4fe8157952e3cf25c21779753b724902dcfdd0e

SHA256
603e08308bd9f225f42b3375ef1ec77b74734013a1fb8275cb0768ae9531f806

SHA512
ed0b2120ea8d0a11d5ab095244cfd7f52991eaa0a739e61b428c378efb835f74e3e0b5c5eed9d204235dc1f3135e50b17062311d5714a3cf4cda08dcf66490f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d567c56bf30df8e5b84d79b899b8e7c0

SHA1
7b3978cccab61c8c08832898223326f451a7b187

SHA256
90b334de364b285cc68ff02d2ef7acf652750efe9be35ec7975de0fe7f893676

SHA512
123d21102f6387332170cfcee2460dc61ad1010bf473d4173046c06ba1bc90cf8e8d9077e64ce6112c5dbc61b555f4c4946979af2c1312dfa42944d2349c9de3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
09fa865d1a9b5f491122f88f4d8aa039

SHA1
b13f6b6dfdd875779930e8610ed4ea5d232d59dc

SHA256
a66c636e14ce49c31bca86d5ddb5f52987164fa1c4c4be59ef6b74ee3b0e1ccf

SHA512
baf6d43abfa43aae78586ae635ac48cd8ad4079da34927813cbb71d1da5ce1aefac5266254539eb612c9e13e6937a5565149aa62b8dd43a3409af1fb8e6972e4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
eee23109cae104cc4260413412d94a86

SHA1
1a690e3e12eb739bf7ee47ba9353616de793f773

SHA256
449410fd492092c81b21dc8ba1e0398b35d87eaf7e54f2dc2af05c42dfad15bd

SHA512
f0f07beb3cf98aa42a83087b4cf9d0cdf91fedccc12c0c2e721eb86a7d2db4308eec2220e3fc9ee55f8f4e840d35afb09fc8c7fe92c280dc98100439bf2e45b6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
9004cd872c3cc3a88d3358112c9b75f5

SHA1
40cfc53db10c9af26b98b7ef2b281ce7b5992e55

SHA256
2119340b98dcc001b8c89accb1dff054bd313cf8396903ccc418bacc07e6fd85

SHA512
ac96e8a96a97d2d0ecaad7ada86e000ae9cb98c1e5f72748967f114f78a55412916067a1d028dafe78fd754c3c04f638a596096fa3830ab35e435e2bbd4afaf7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
79d36345d5e86fce30fa46949b7247c6

SHA1
990881da0f4866e3f1c0fc54234d066f08c68142

SHA256
c91180307bd85d7d2cc30d89de3f8a3a714761833bc7f37ad2f24d1ef8559a3a

SHA512
b62dd78f65893ced7c7ec84668f47d154a1d19fbb0161883e15907cb1d61f736449e473766635ef6b2a71762866e1493462e8c284b87600d6de2479144f4fcfe

Download Submit
/data/data/com.systemservice/files/PersistedInstallation1190466229091006856tmp

Filesize
90B

MD5
4f0f64f2e874260c6dc04c811bc8c75b

SHA1
1df9dd35395c9e08a626b2ff7e41a3e3b530a500

SHA256
fc457e65f50e227cb7221cd3d07641fbe1c6e403eafa30f7e789c4dd5eb6a812

SHA512
406716539def82f6753a288e249efc36151d811d7d39ba05b03eb7caa9ae599ae14a0b32616fdf17a831abc52873187428f370b54b709b8fe2b83b98b865fd66

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3374496853603395604tmp

Filesize
557B

MD5
1b305553fd4967eb97e91f7e43cebaa6

SHA1
0f5dc457a3b6179484c550f2a9a80a1ea7956a7a

SHA256
34beddcb6d659f46196d5eef3bfe58d4613e4ad91d83795b74b102633905b032

SHA512
0522b6c6ddf46f22a8110be79b30623140f663d08c48486fb4fa877e0e6c5f1283ab900e7f982235a8b1780f8b489c134471a810f133e96a9e598a83a15081ef

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
6KB

MD5
aaf5af4db2be305e7e4bb3be41beed89

SHA1
05ab57282fc776170fda0fa6a5544672be566fee

SHA256
a0687e3f6c5e658f5b786d544df7bd0ab974e14d2cc083b3f646d5762c62561f

SHA512
04bc76752bd70cc87f59ea1d4e087a9ea8cf9ca3eeb6682c37bd289b04e7b69312c4d9b3f8c9a5b0e42fe73a30e8455384057ee01a692f94fe919d2688c36c12

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads