aa044fafedef958c99e585315678779b590d7bb4b6f9018043ce32baf5c84702

Analysis

max time kernel
148s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
10-01-2025 22:01

Target

aa044fafedef958c99e585315678779b590d7bb4b6f9018043ce32baf5c84702.apk
Size

748KB
MD5

647b28e5b50870c13ca0b4076fcbab9d
SHA1

9ce6259ae8a73c91160a07579daac8f932aa4be7
SHA256

aa044fafedef958c99e585315678779b590d7bb4b6f9018043ce32baf5c84702
SHA512

d7532fd2cd8a091728e69b820875b009abaa08c9103a5c856a72e3d2d9b2dfa24a8bf9f39e9a48dce376ce784bb5dec1f23daadaa0b3423d14551a96e8d93160
SSDEEP

12288:GRhcwJ6sgRnLz4DqeUXtv5WmpYshXZPbGwidNpgLX:ChPJ6scLzI5UXtv5WmD9idNpk

Score

7^/10

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

Foreground Persistence

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	cmf0.c3b5bm90zq.patch

Tries to add a device administrator. 2 TTPs 1 IoCs

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	cmf0.c3b5bm90zq.patch

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	cmf0.c3b5bm90zq.patch