92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
19/01/2025, 02:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d67d2b9a5757df40e7848f6f43da0835

SHA1
1f17ff4cc62002ac44d3db36a54985b9111b5c6b

SHA256
165bdbff550978c7ad606b3dc728900b1f3e4ad643af791e5281b5735cbd13a3

SHA512
ee96c1e7674e58c7aadf79905d03d96c1a43a766b12576ab6d44a06eab89f47c5655f74cb90c3dc9f0f51c2425c397ac701ef76c1e43ce1e3785edde092f45ef

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
e2e1fa6d7ba5d5d7a17251406c7c8419

SHA1
16c38097facb552062f4946197ff256d86388c67

SHA256
c4abc19bb944a6d65a8664bc69d5c2fafd3fa787f09160abf784e6840b9aace1

SHA512
b5947887e4c81cee68fc7fe0c7967e42639bc24cd238a315797b552500a3f48c28ca412931436dc48a9b8760c19cf2318300af1f23b236e6d8a3cea593c50dd1

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
071c2c8273d5b8f71b2f291e8f647417

SHA1
c922374193220ab268e9f4071da9591be76aef2c

SHA256
2ef019c28826d9caeccb4d6743f285316fda449b0d178fb1f13dcfd9b117dd7a

SHA512
18665c10225bebbf64a09c00ce4316e85ff373664a9cd61538553194b78c56f984f6813bb5b9bf499fc6cd91aa39d3512829deec42e0794682c423bdb02ab04b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5169e5032a5cd75fc9fc66f219c5343a

SHA1
2838fbd76fe9eba55497c9ff748049a58d3bbb82

SHA256
4f4bf7c32cd5c01d8a5fd40732a49f6fffd7c25e35dfab9b05f705449a2df971

SHA512
9f4c43dc8b251b9b7afd6fa6e37e08dde9e6034bc217eda828dee5892c380548362f426e388960dd2d2d19ed3934f435c1fc24c98d16997c5c41976ebf79152f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
093881f1f9c71d0c5e6e70c161e9a553

SHA1
3c21c75a9bb9f12ba6838def2d19c122a906cd74

SHA256
9fb986f2fb3ce60d4326957e3ab5c30749ef224bd7074b4ce53c20656c2fd2db

SHA512
208106d268f76118eda124a1573160ebb46a8fc2d72a936998c9b8cbd098850411546e16f37f7b8f480dd367677aa686b7e1fb2695405b85b1fac987cb2dc1eb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
61d545b43fed7b97649f61f97710077b

SHA1
e6bddbdabc8e7f6a4a0a9fcfbbd834d93cd64c68

SHA256
5e871137fba829f876c308770b41aa57033c100631bffd064f6568e142c86d06

SHA512
96d587c02e7dd924668351208680b62776759bd6cd428dd278f620c9576af56cefaaa60b6fd5b165b33150ab8a11c57206e739e93953d31e3142964b0afc397a

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
658f827449fc3c5da90e6caa18023032

SHA1
143f35e5c48671dfcf3ae8bf6a9e652804ca1309

SHA256
cba720d0bdf462ec62d8b97a9953a6703dd54818aa2e37efd472b4b1714f5bce

SHA512
8947dadb3cf87e4afc66565acd5e9d767b59d69c17d5ae49fcc10e96c6f29ae3993f46e1d9eacb3fdc1e83a93a69482b4d4c822451bfc49b94563e3a0c9f8db9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
b35ce80c621ec1795611c3b687d77935

SHA1
823877d118ee8e6bd753d5231fe884317c264264

SHA256
fb07acaa4e5a47e5c02cc5a5adeeac3d84b46fa75313b7ee8ff33b9320aad4c7

SHA512
deed6d5c294b00aca98c13dd640d5e545762b311240b555c8103cc56171fbe668c7cb01c3b739ac4fbde3002dce0451adb966d7105d551e3f641c0e8bf434cbc

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
29a28646ea9d2faf5508ef70257907b9

SHA1
0f87987a0290874308cc06fa431fe208767329de

SHA256
849806b5e87a1bb7fc3a5cb65ac390b8ca6befdee81649abcca39f09b78945ba

SHA512
a027ec47654d4726df8853bcc0e0d41c516b7316a8771105fd738fd8d9e7c6007a87e0243b50384f55ecbbd4906607db7c68352ea22040c5210cd01eb3f7088b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
846824ee3a163f9f9f0718d703ccd825

SHA1
3026183191fe37061ee7eb97b53cb92c59bccec7

SHA256
e898cee47a6360abbc5337bddafd4ea527f457095fa84059ab7d32074f138473

SHA512
bbceb8fc7bcd9413cbd3897982642129ea6be119a3eae50fe039bc9cfdfa34ac75e6f0e24f7a83fbae965ce950cc16638a7a06888b0adfcf540fc891d3946753

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a50115310527a4bf4f69b62919e321bd

SHA1
4d64b62f061ffdaac6c712afdf35acda32ed8794

SHA256
309c2dba08093f52ecdf58bbafb69f8f7768eb98a296ca45b51a96ed740b83c1

SHA512
cf45284f0bf150a344b1a52e25467b5d1a1dd88e8d4b4c45a198c99cce29a98e93e2a7a489bb512cfbcd5345fe8208c073fa984f2648a15e1e171687ea9f6fb3

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
610a6638b9209850b97e838774922a08

SHA1
ed3e58a4d734ce6d18367647a76177dc268a6354

SHA256
aaba726427f6e4435727446f9c9c1879b5c3edac760eb6dee931f3d9e3c21410

SHA512
587807c952f046b436b95eb9707b2ce57346862f7f8ee16a4122d2451f95acf2cd4a902597c2f29bf3b9503644a2bba2666128b426d3e55b36fd0e6584366f6d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6a5e92256df179834a9dc26e9e37a3ab

SHA1
6efdabc9d441ef1ca06c8ed6517f1bee0ec6ecc6

SHA256
3fff1a6f2dcb39e3a035318ca2cd2e362a18cfebd5046d117f354006f8eea63e

SHA512
c168a69c7166909fcdcc1ca07b4f13ced97b760021c96faf58f951b208588acdde18f9f7d38ffb690e8ecac0a03cb8d4976af3769ab1be91efcdbed461366456

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2171524090152174399tmp

Filesize
556B

MD5
aef75091af07d2a99a89f4d892de6b0f

SHA1
a0a9107da1819903bccb327f0cdbc6e9286ffb8e

SHA256
bdf037ad501be952660045f913b096df5fad278b611be6617c16eb24362c09f3

SHA512
650c0d36873086f9bb3377d1932523acc4f54766b5c628c2d5a896cd76cac136a0b6787b753c41df3e51128d160c7657d34ce90772575565f848539e4fe857b2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2977929909411410766tmp

Filesize
90B

MD5
04f646ad38002649b6eb2999382fcf87

SHA1
0e586358accd2d184b7031a48c2a368b6d98e325

SHA256
f302e8389a964bce978aecd13d205991b103be85188f5e4f166a708565b0da3b

SHA512
6e1c33c1ae6e320cd2fb4cf6ff7145c02ad6ebf8a31a593cc0eafa1e92d78c42a0267d0cd334fbd7d32cc07471d2e62d4124abeefec748b621695ec253593446

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
b75522e2b81c7ed0360b48e7507fd188

SHA1
3a380b7c6f5c49c85b903aac33300b3dbb02dc22

SHA256
1f74e442743ef35578bdd385046845c3f0a811379c92c31c5af5bc506bea3ab2

SHA512
373a68f20ad51441d5179399c4505186c0444fe9d9adcc1e0bcd6b73c84b86cdf668c5068cbeff1ae2cd85caae6e94a04b76b33be7cdfdabf17b919cfc80be9c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads