92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
12-01-2025 02:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
7f5acda918091b1039e5e63cff659e48

SHA1
6d1fb651ecd41b82ee597999dcf845c8ee909072

SHA256
74066890986b9c25b26b5f56d90831a144b01f38dec0cb5de936eb7ebdd6914b

SHA512
aa0a68df01f9add683b2c4eaa7c2814ce6fd0700f423f8d8e2e63ddcbb616adcb76b48825bf430fdd51abec207f4d6d6f08558cdd24d10b5518845ea6c7c62b7

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
c50767af34d19829ac8466ec0cf01443

SHA1
bb9715814a5a1f581721f30fde1e51b2c948373b

SHA256
c96f7e625fdf37b87d97d2317462e44ff5e9abab369597f33fdebdc62f3af875

SHA512
631526d4c65f6f0914dfa4c40b551f14dcfffdac6aed6e40647db9294b65c15c98e9db7b921d7b6a769fd353fd928d2ea618f88823bfc23b635df503f4983f62

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
10c2dc0571c39ffef5ed752e6d9c533f

SHA1
df25ea25a3f2179b9abae1dbdd5a7eee31de19c6

SHA256
19f39e65b02d26e8bb17b95e2cc23fbd08bc2ad20fd138502fcb5acf9605d16e

SHA512
a7dfacde3b4bdffe192b44f7a4fabe73872954b59695a0230d60a5194ebf1e6ef90061a1035fc0735d63e5647b60f0bba9ca1279c86c7303ecaf8dc97ce48ee6

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
96cc3a6dd77f1e61dc852952ecf46487

SHA1
90be7536ae809d44d755bd2b45e2207246e832d4

SHA256
237b64be56032207a67f7dfec88f2939e2f781d4eb932d9296a43678607035ef

SHA512
6b3d3c6c80de47644227fa09e51be260fc6cdbd1d9f3599db02defb78bb80fb4ba79d59b1df78bc7b1f1f1cb8de319ecebf28a2e799714a611c7c90ee3eadfc4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2a7199703f37c29aff256d9f630116ae

SHA1
a58880702b93d26bc792a279b43dc8bba1a6cf8d

SHA256
fbd033d976cc9109a953c80dacc53ef7d285c1a553f79b2f420f22cf1f7717a3

SHA512
63887e1fe7970a4df90bac19e7d5f1b7eda62544404cda127519f2bc26075cfaa9c92a78c38e2b41aab88bbe5e85faa181b8dac326dcd2c771fd6adffa3dc3e0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b19906c457913d1522e5bf824726bea8

SHA1
f8eb0c04e5d0e4e19aaf9a37e2fca5007fae5be7

SHA256
e564306f023e33f7c33028b3cf639a1ee5f26e24b6d9ed7e29ecad5cad9791a4

SHA512
a3ab7a9293579cf91909972b1bbcadaed0b3782cebeb54e01cccd3844ace9f8044dcc72fc9c14aacfd4d0ca56b762106802ecef690e4759318fd33c9d02b2542

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
62fd53d232a3b90f9f26d3b2934f83c3

SHA1
c3cb4ae1b4fb9b12c53d0761611815c6434442e7

SHA256
172820cda2fe6ae2ff42edfc7947dd70f41a97c964098449244e6e1b40a13c81

SHA512
a6536f03c6d58c37ed04444113e1b40433cd9ff4d36275a9080b47ac5198cba1b5f218db67e7442903e3d02f0253fa567c44f91e122277873482515b5871544b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
d286f45dd5f5550f1b140505f4931944

SHA1
26d17a8a4303790b52d4d7a672881d547c335471

SHA256
5de9b37aaf5c3adcf98bd05bc4b1768bfa6168f45f15e4f51b19c6df386bf6f0

SHA512
9e4cf4f9ec4b1810c4772eb6d5028b673ac0386eb154900577c73baf83a31ae121cf64deb263dbda9b1c07f36694738a9de5bc3b6be233907c2aa06cbb7afbb3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6ef0179c3ef1051ba94b090243126340

SHA1
92ccd831d1b9499c717dfc27baaf671e8dd020e0

SHA256
dfd19c7706bc8f38dc0462641f5e48a68b2a635575836b37146470ae300d12ce

SHA512
88ee4726ebee888e67b6e20b8a733f9e0d5954f05f84dd3bfa4532526e5752ecbc3c4ccc2b6065813798a7ce0be63e0f58a71f2aff88f374e36ca84e5f9c1780

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
995e8c994219a0388cf62407cf588255

SHA1
892e47a278b64edbfd4609a1e68c50c547a76251

SHA256
4ba2fd183816f2cad53e959eb64ceb71d4b1223d99cf408eaffebdc5f0bd7b5b

SHA512
a25cea0c915ad85b07b46d4b9bd1026847423990413b878f87728405b740813b72113db1d72c146a2a3886bb8f5cef59431a65c3d427cb469c7fa261655ecabb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
81f174ada4217833ac9b0fba089c847d

SHA1
5d9f1d0b5173ac7e26144ce734254da1933f529a

SHA256
8b93cd6e6ad1a833de780d7269a85d0251cb3a59e89f0813c9d218a57bbdc74e

SHA512
6c9962d6807a261990ec9fa6763b4ae5b882389fcb49dcb37c7bed3cf78a38ab0b60e01ea301e33d32ca0f3e988090bdb8e74ee2ebcfe7a650b65d94a9f4aff0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
caaad3dc2e62d73efbc0448a879ba3b3

SHA1
c00c44829499a20a225dc8f71ae0f9c2ac89a557

SHA256
13e49732addb8e15d54754f42f1a31d9c512c1a786f074b2e129635e5f77762b

SHA512
ceaba7be189e3c73c7d84154e8942777ba473004eff5de35c8471f8572c72780ec6dfb2e06cd4ef4bf2c1647f879aead558b04a7e5efdd1ed8a01c139124a5c1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
41125de21cfa9e24f85fa76ab48cc736

SHA1
b2bfcc2ed22315ab59d1f745f7e6c92ccf6f6e59

SHA256
1532e44de070e5d650d7fa02bf8c716738fb7289af049a19fdcdc578b2014561

SHA512
eb61ff6c8dcab55a5b594d9b4b4dcd6e57891b556f81bfd31dd78b0d3b5a5981c81026d683bbea495bf32e05b5407f5d51625b8dc958c3310529d63f2af78fcc

Download Submit
/data/data/com.systemservice/files/PersistedInstallation6829769557599937262tmp

Filesize
556B

MD5
7c5ba75ad74bf3f0761b8376e4d4c900

SHA1
6359187c77cf7d9c80994b9d793499bba9c52d49

SHA256
58fa099f7a28b422cbd3cfe3b5ea0148ad02b06d28d8f38f55616f61270c28cf

SHA512
2befa0c41c88dc11a326be74c954081fc71987acad00eb66103d284b73e488ed74bf051be110e58c52228c21fb4060b66d85b94ba1d99af0b21e907506208dc8

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7226557806373958297tmp

Filesize
90B

MD5
494db5eca78eeca4ee1b19ee42f6c3b5

SHA1
792c021858284050177dc43ac3f707a467c2bd34

SHA256
afe17915cd8067c2af7d6f50640181f4c178413ba8a280b5ae7e324c3e0ecbec

SHA512
ab4b0c9421d8d17d6b2e908bfa50153653cf4c2d83f1bcb4050af773b47971ffdfae31c88f705af07610b073e3de17a1d055939771921f117aff5d66851ec7f3

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
4c8cd4ac94178042726478ba2a65a491

SHA1
20c88fcc1fd8177feb141974a85048baad400079

SHA256
f1970928592e4610586a8ac511069d3562beb4b766e83ff6ce838427d31bb467

SHA512
bc5047da25c55b531595d9895a200a1dfd0b6502d166a3c313fc66b0e361ca03e3333a17d991ca2fe92955d503d346aa38a516cc78fb8ef0b71e64501f410660

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads