92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29/01/2025, 02:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4252

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
9812c480abac801cc89aadccab18b6b6

SHA1
8bba775da1eef627db9b3d52e489bbf4f27c359d

SHA256
2a663c37f9cf0dcfb55eeb706458e8fc520e9f8e2eef2722528897c8ce5b29f8

SHA512
9d6e2e635851d97be0db83197a1b2ffbf6b0b262535492c1753620f508bb3e9ff395ccaddadeae47c60b0e9c225c4a217b63f9ee7e8a160c9cf87b91c2734f5d

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
0c29ed5b6a7e9971edffa6421c724f92

SHA1
f90144b7d543186a248f2be14ff23ea9738d11e9

SHA256
0fef4503e00af3bc88e5118eb290ad2e16c9fa0fe9138dfdcdc55de489c223c8

SHA512
0f2c56c44c62595a86d17f41339c75bb495d1d695e374c70b3b8a72a4f63188fa46ce72a8f285482ef7928b229d7b1125b23d10b6130f6665d2da9384fab7f2f

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
85bef543050af06ceff1091aafbaafff

SHA1
361cade1cc9669b2c65962f77f8aa0bf3c4333ec

SHA256
1ba47d6db2f925bea32a20d24e7bc5740df6adfd2e4e28a47d6be4f54cd7fb26

SHA512
a669f01ec87894569b5e08959b9e93f4f805823e30c6e2483aaeca15032e1fa7549411b4c964947133341b0f2dc14ac1996ce0c952168af16ce9a65aef6c334f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
32ed7cee0ce443053244625ba2240a8a

SHA1
ee1e096260b8d11f9adfb60f048c6d4bc4a19709

SHA256
fcb2066b03822d17df0be2ef1a97735d21bfb9585a53d5d3bbd947013ffa93e1

SHA512
de479725aea033b920efec14eabe34fd0e148ccfbcf262a7a9c567483ab816f4373728bd525436cbe0ee96fc00b35f99e8afaac306a080045b4681d14b2fd1f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dad5a1664b75df3b1899a8036fd4c894

SHA1
8a1cb862a1e9dff6a22b5af74e8aeacd807ca1b7

SHA256
00db73b72dd4e93f4151cd9f1d38e30f800e8aad6abc5da7882b57afa4dddae7

SHA512
43304bd6078b7649d04e5b80da99d0db4652d3feda6e0e44e5983dbc0eefa7cccb5e1f7758d9bc49b7539230ac2ebf91b9fa80cb32d27e52574e2c4910c39f04

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e8f89e9d8aa5c2c27fc70c03340b1ae8

SHA1
13b251d7ad9f3e28e32243e1e0f6a626c9ac058f

SHA256
0483b41ff36d7236c14df16ea585e26523d202e0c8527468742ed06f6b6c3069

SHA512
0e85adc95a03f6c28abb5d14c3846ba45ec5cd6471f3c982da783300071660cd1f05bbcbda1c4a3a22261cf739ab376621d7e96c56fb3b5b54399306ad4207ab

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
14aeba62fccc5d3b37ab714a061847db

SHA1
fc87ccba2cdcb3cc0a237057d43324594952c6ea

SHA256
494af50650f9a7e496955b6e728d37ea18776ae247af7c1afa361580817be4d2

SHA512
efeaea398a469f94df91bdc879793d20ff15c627bd4d259b14f8643c92aa05958601cf71f3b0d1c55d473e82728d78824352cf042825c64a214051d538dda3b5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3c9b9b20a5c60cb8fdf61adb458f5197

SHA1
b5c241dd9ad5169a85337d3725d0637fcd279575

SHA256
d428552bae01d3e4b3f22198c4698fde85584036507c54b889ab391020efa41f

SHA512
56ce6c130bc2f6e54905a317b7b0a9fd5e03e7a3627de500f5a721c2b5f3dd57774c006934c9c946b22a614819bd4a29883da8e6e97ff992e0c2e3b03ab1dbf9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5a697bd5f31cf6150cc3462dfad116da

SHA1
76f4c409e75fbb1ad105bd6d947d8e380d0320f0

SHA256
8281a0e9200fa0c4088b8d07b8bed15a6ff3d9a8c86dc31c8cb124aeda7b8216

SHA512
08402200abb583e6dd911c8fb5b89b94b9006670bd3e0c5f3a13cf8d1f3ad619a4749adfcd2056c3c6b20a4ce9901e6a5a22ae34aa38619c4c58d19fb4bb0878

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
36d37df673f305d40327b2f43385225e

SHA1
4293885f3c115eee3e595a86fe9f99e4247fef69

SHA256
2185e0eae929901922956289bedaee4b11049043279ceed55173e9514fce8f23

SHA512
9af80cf7bce11216be3ce5098d8177de06916044751f83ee4c187c30e43f31b69e7a060033b4b1ba21ff5cfbe4b145ac0e3993f09692f3deed454b86173f2637

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5a8e1a8423921a8d379c7048f72eb16f

SHA1
66fbca41f05179153c17355798314241b248aba0

SHA256
dc8d8537044d3176abadb889030bf065332ac243d52f7ae44a160e3ee351c309

SHA512
5303035866cbc37230189a7ffc6909ebdfae0f356fd3ea1653ba1efe06f0862b9910985ad6128f9e10519f311e5f0b3a7c83a55d186604a424ae96b3ab4f5131

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bfdd1471a449523eb7874206b318d551

SHA1
aba0b3f330d6bb46c5c73968fcd651949944c566

SHA256
fa7546b12b6ebb94f8a4e08e0d81fab8ffd557146893572e5e3f9780edb91492

SHA512
12e429a3fc34da9ae589ee89f6260a6698531a0eafd0f30c4de0b25bd002d8a44091dd28ee3f1c2fe8e99e956b0a93564e9443954717bf65c42f59ce20e67bcb

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
32637c11bf06e03716847866e6c18d6c

SHA1
217dfc0fa25bad9f967a808d8d448f46b95d9715

SHA256
853f381ff6d0e68b6ea7b77a1aac3ebdf620a37b3b97fa3728684db4b769d2e7

SHA512
1f16ae752cb0caf39e7e7deb9c0b0f93f44d2f80876ee4a9530b74d6d09d1e6f94d4580d3a096a626ab3852a9619b1be13be121b86cb1e5118bec925070c0c21

Download Submit
/data/data/com.systemservice/files/PersistedInstallation3862550328149125665tmp

Filesize
557B

MD5
7630b49c8ca86c0bc6876dae8c3e08c4

SHA1
ada09743fa42c0ed2f74c24d4989810b87ef98c2

SHA256
07bc64c17f39246b26374c1ac70493ab2cbaf04a903c11c1ff94fbb161bb379d

SHA512
e7cc16696311ec049f2a32797eda5f25ce3ff8fbc17b991e5b26f3e637fb49369bfb406966a91962ad5d8bd27a79423558ef08088895a692440fd63710ea6779

Download Submit
/data/data/com.systemservice/files/PersistedInstallation5264568737925124309tmp

Filesize
90B

MD5
dc133ba103d43129ebe6aa14d2a20177

SHA1
abc79bc39bbcaab8e6521447491b37058c459f20

SHA256
67d02d0952ccbb8895d842aab10fce7b45e5734c5c0c5fa2099b8a8b5c9eab4c

SHA512
b0bf2376db120c0d0e91def5b2f43eadef3b7908a823e58c8f76c58cb8cd7281899d77d5deba9467eda6b8899f750fc1b61ebb88d3656b06f3158cd24f0e1f90

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
e60945324337ad2a7479e75e61dbffd4

SHA1
bbfca34da2219e5b4642c9551cf39a288429c504

SHA256
e0b7ce7468cf48cc6d704e26b574083b5293be0b3b0656bef7f7cf3b95051ab6

SHA512
f64bed524601e3666d89e4c85e7f46561ec15ec2ad6a70826f7482aabde5b44f25e61139f36019350b30e2dd9e5fcc58ab2415991344afd190c2c6fd957002e7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads