92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
134s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-01-2025 02:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4248

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
3ccfd0f0224baedd68130edeb8655d9a

SHA1
1f224a2d6abf9b8ee82b550defd5954443c0858c

SHA256
4620777615a130c16d94064c9f11908ddfed946812b4c889f7ede1ae1568b492

SHA512
a1241e841ac214659a455846b8d4ddb3bf273b353f9fc1a6d1c413d0b4e7603e0ab78deaddf4184e549c32ae5e7d4c8aa283f1f7652aacc012a698747a4d0b4f

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
0056be4b1bfa2f63de3c3de2d5ca50ad

SHA1
a884afa35a1f4273cc28d58b0f54dcd82029af41

SHA256
746759642830d9729a305ec787fca30c99ada4ad86c8ee124f8201789deaa7d9

SHA512
78e5c687bead6812cb9ef2d36f16f3680ed9abde005a72ee8291529b38d81d3a42b081c594f38d8928e82b26bd128d834c2c6d6735689fc6965563e2244ba8c9

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
54c82ebdc755b28cce96fc3c2fdc2196

SHA1
2fc9e8323db5879d45bd51dce87db9e269e4fa3b

SHA256
caf2e6df7e28f4f9e6e4da26fb5f9d0a08b08f6a2aae7f19b257624e602cc7b7

SHA512
201758894e919d931868d203dcc57276d05f94aab80140044082ad354fa8fcc29b12b732b181febe6ee2b48c34e2f1430004ded01ff6311fe5cb389510e667cc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f3ce60aced5aeaeab5ddb011217ffea5

SHA1
a3ec493a5f70b787e597c5fe82403df1bc74eff1

SHA256
5688670fc0883b705cbf39cf0ad671b4d1a0aa905740f72a09c73caa747d7065

SHA512
c07409ad03d61445a7cbe153a89141309d036303c2f12e7ec60e4a0e305e2a37d42f44070f85be939fe985f0cadd87d76edcc9ee4cef3cdc8c7a798763627463

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8c4f976947d7e4ef7d45f0db865c3791

SHA1
5def2228cd7f0f004aaa67a33248b330e110b63d

SHA256
8d2a0be9dbea380823c67f57c5401fee2b4c40b41601a8b5e03428c0c7b5d101

SHA512
e3091d37b5e5330fd4670bf402acfa5c769585755a4d35463db1ba69e12aa5c686be5f3a51170c034c6f5bd4429317fde86bd0f8f09425394299b79258bab398

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e01c2caaaae918cc888314c60e5bd8d9

SHA1
7ba003b2be3d097e6ca296951f175d437bd4059e

SHA256
8c732d865e2672bb7488971d84e87c16bb03b09476e75acc498181a0e682e792

SHA512
5da7de542a907144116c109313e706432ceef2313f88b8b2dd565231716236a49383c422511ecfc3f53173c18821d6208324b958dde8d3f0b915e9ca2de10918

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
455adf32c1c19e81743390c650c0f2d8

SHA1
632dd8b64b12e004537a46d9c3ee7b37d3f39e02

SHA256
40443771e5decd1b698a6d53dcf5ccbc9df169b4273e04782033c14ca813bfaa

SHA512
ecd6e8882988f02082a1b27e1066f29eb4f308839260a5857c5fb594b93125dade5633f95911b24fbad9002fc5c9f7d7234cb0c65dbf40547feaf67fc583b2f0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
c254f8cc54fb0c01f27221ea3b97aa31

SHA1
50b8927d6a774916735614e253de77a1bc9a582b

SHA256
6992fc4a82be32ec49563a20c9e4361b8d2b57dea6b0e06c7db2a69683e2753f

SHA512
c1fd0ea60a7dab37ddcfacfd158184c35dfb835581e15f6417d80d8d01582f8f57ad2acd82a73a2e056d3a83ee4a4290cbbd43fa50bde443a5e4a811b7471f02

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
91e0ce39e2deeafa98d86ca3e4591572

SHA1
f1588e79ce454f65fb41cf7f1bea330cc80b50ff

SHA256
f6969622070b14fc15983c0514af0ce5d23231f3266dba1088689c49ed26b1a2

SHA512
893689c8b557321ff3b4acf59474f36ad785aa6f2e8e26748b3fc841a482419243c6dba72ba8b12617eb9bae1e2f8db83d8a88af14a6e2b364240535ec763e65

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a2d4cbc053bd0e3ae56a4005db3ee376

SHA1
5e81caabd2e3df2a7c8ea9900faee0c386645a9f

SHA256
672208eb51223e546e6e79cd9a0018954f451e4d3e7141511a3bfc5268fb8290

SHA512
17225ba6948bc5113ebd69d70471c8db51cae93692e452ea642e72a8ba79982dec9cf16631197a25168c514ec7db81cb2337c396f2360d474d72ed7620fc3fd1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bbe90d33be92145e2a95d3cf772c9615

SHA1
7af73a06dbd81349f94736e947beab86fe6e9c97

SHA256
c33e70b759e5f481e93a62f2370d0b543a4d0153558ceb6cc00889ae48cd5110

SHA512
8f530635058ce10f3b60a9fc0ee7840a91d7ec0a1248be257dc9715c082ccef778c02e08593326ce3633ff0975157c131f7c981d5d41524a555eba98dc2507cb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e0b5e3469a0424de69b07713f1b3af5b

SHA1
3c30e8c6e8199c937c92284118df8106f1abef67

SHA256
1fb0bb25cc432c13c2f24416853f6f484b89563ec34a08ac3272eb521d7f2b1e

SHA512
90436d9d4649dae0bcb1c096333e611f0f9c2fc0f7be3e8c081268f64c8c7f20db2c200fa45512ffced8465de7c4a27bdce9d4a447f369e135d4d88b18739973

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4219a808485810a8a08625ecb8501cc2

SHA1
2c338a1d598189370d4c9164c6980a410c2716be

SHA256
f59199b38eb492b47177773c4e8d25b7768def0ccb15aa671e080975efeaf987

SHA512
3b9b46e1611bac268f449a4c9f4fc517fd3fe4a9b71e3e9c6bb9caa874c08b2332f856fa6fb6771fd17d5ddc901564a1d6512844a4bdc437d88efdcda3850f6b

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3456092475021079792tmp

Filesize
90B

MD5
5cc06c5f6b997f41842734f6f47acfdd

SHA1
aa2835f53c1ab26673b036a979808691850bd3df

SHA256
e79f2d304f8b4d182db0ff44369e505a7ecaf25073133034a47b2658fedca6df

SHA512
63ff29869e8def68cd5b580b9e9989760ed0afc81b784aa561350e3e4f6392cb4ca2b61bd35ef947869bc86c4df731651d05934299501b4c5b31a4b600db8623

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5081491434538647973tmp

Filesize
556B

MD5
c89a6abc334a4e182bff8d16d42300f5

SHA1
df21cee7152bb4c3fe2975dac3e3906dc8e3835f

SHA256
5ff985b5d7e5f3788fd1594b238b3e3d3d00a111e68b7990a74cb051adcfc2f6

SHA512
56211fe6547deb1aa6169325a9c6a9b70d981bba698f055b41d1be5646dea3dd1c2a9eb064d5190ccb336e69c490a51cbbb410499d48ad72dac82ef990f457bd

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
fc3c1fa1ac7ac546b39cff3dc87d78b7

SHA1
3dcf5b21f41421bff147f3cf6054b43d21236e12

SHA256
bd969540ab8b9123e26c9481aeeaed1a83aa57c91dcae552f91a3f8c1b429da7

SHA512
83d9fee30c0f44a4b0e8f84e73d911929b0aac163db91228ddeb3a313f5d3acac49dd785e844320914b06d9e8ed93069015ffcfb8225acd4001b73f2ec43226e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads