92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
02-02-2025 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4314

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
4fd578b3572acd4bd3caa1bc106d7bb7

SHA1
be048dd82ab536b3f6dfc13565941a7a864387c4

SHA256
3f67e64d0c66876bec673c09c18b5bd56ce5add5437135e152f1c490c80d7676

SHA512
b4d48d5b07cefdf12b099ef2a3e037fd74ed439989ed37963b39de81b2dbaf45837ff1ceec3a55d3490d103166704b806ce63c894ef59631115987ce6ed0901b

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
e71db629a08fa089194332818be97fb1

SHA1
d774d94f34a812204a08a384d9153458896179d3

SHA256
705574d48423eff6ab1bde217266279b4143f7db86879da96b5fe50d7407e8e5

SHA512
e07fc7df54bd39ecc5626d5b5254d9a4b5b6702b79c8ebb6b52a655ab21d6af43335193f6cf9795a27071317383aeca94bbcbff80f8a4735243d4768dbff280e

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bab8ec586478dc5a3c0a61d2259e4784

SHA1
f6424e77999a0d64f311fe76b6dbd60bfcc306d0

SHA256
804876a39527ab469c3e56551a97d50581cd6a1cd1790b836dd5a5535fad98d2

SHA512
abf8014b4fcf5304e1d5fb32022352caf2f69a8dfaded5b9373820b6ed84559ae50550919806e02353e767d7419f8dce93a43c97a22578f5f32c37278f1ead37

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8c9e05fe3cb67bfb2b5705952c062135

SHA1
43154fbb77d01e6999857197f36cf5e45dbb4ea6

SHA256
60dcc4a452b5c64113cd30bb862d594aa34a27dd194d95328055f1d26edd54f3

SHA512
fdfdcef09330436ebb637b5a5226ff817c227f00743c72333adbb2e8e5fe198a21fa9eaceb30679da6cfcc264732d85c0733326a682e1b657c8823d2b07fa1ab

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2a9faa4a5c894d8c84f94c1f302d5f39

SHA1
1bf3367019189e19ab959227ac9c0bae11a31822

SHA256
559646bf0f3eb4d8592f6a9e3962dd3c5bb2418bad0879150c035b9085326baf

SHA512
577fa0850f1fe7b136ab7e48beffd7a55530b66740bed6cddd0dace24fbdae1ef4bbf2f41621996983d2990247c0a2348b456a7fc20e5a9f40e93d2817ae7817

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f6f3c62b3d7b47e66091ac881dd925c9

SHA1
eddfff177a12e03a10dc0d65cb8506090e07a6bc

SHA256
92e3a1e220bca869113a568b65a1321fbeca729fd2bd22eb69367447bce530a5

SHA512
28040d4369d882fcf4978b19b197040cbf30021a7b8e4d7d45835ced4e90f30e8f9dee6366b5dfb87f104b196bb4df16701ed937b4c43282a104c2c36ac5afce

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7b1b991a5fefe0b62281ee69adf3bdd7

SHA1
9af83bb9bdb55e1c3fce14e1a20e34a16a78eab8

SHA256
905a61d993aa29cbc452d7f88aebc33e8b5d843ca18ff8f6c7744f8ebd07a16e

SHA512
15eb0e978d6383ecf80db3cfcedba123c0b867b4209d9615c27d532818c9a6daa54d6aba4251152c7550004c88d4ce11d79bbfa15d9f95b0ab1f639e955f3e6d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
475be577f89808a36840bd33646969df

SHA1
9c6c0c0399b1a663320c3c942b9b0f4eccfaf466

SHA256
ebc4ed939c54757aedf8685dc94b3a10c3728e146f01ba04c1993df63ac984da

SHA512
d421f3463ad7ae5903d93165acd9fdfa4a337254434fe0216d48eaef0c97427194f5a5076e99042836d0398cf96b3689677cf37980e995696ac423339e4a171b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bd02b817382f331c6a8777d1aa93ef2e

SHA1
56674fd4942f4eb261f2c4025a4135ec36e8976d

SHA256
0acb9be2305aed5541c3343d687e7bbb9e2178726386f6fb47943209805eaeae

SHA512
9dff024c9bb2dcdddae2e1c3463907382e60434409b9a95146180da622dab6855c3ea91daa824528335340740ea537cbb63fd3e398fd1145b080fd7dac530994

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8983035c54f18e25d31bab8860f7b9c1

SHA1
187728a71ef9a448354fe81c76ab6372462bd974

SHA256
9a4e9694252311ce88e7dde7983e4257779a404d29c6c3e4ef6bb05f1fd6c23d

SHA512
c496620d865c36e55aa62cc06207fed01db4af7ba7cd58dc0334cf3fc5a13b2d3765296c116903d5ac8387d1ca53cbe2fe3b69051e43547c338846523dd15c4c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ccfbc04e6ac0f25b99aa7dde0e7be586

SHA1
f4d3235b183ee05b5ae26b1a1b00aaed0fe03686

SHA256
14f9070b4c73b77ad20bb0db12ac0bf60573f85fcb7ecc80f790246a85606ba9

SHA512
27501607352bee874bbe0ec7b830ffc9a1a91f0f299e5bc92860197487ccd7c8c2a88c3477d823596ba27798dddd2448f70532f5a5f51c086b6840b6502b09d1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d60c721f58cabdf5538454b709fe1407

SHA1
1df77a68d998e42b972d002684249970d13387a7

SHA256
f9cabca0a6aceb3c957b47541425f8196f05d8e4959534d7b8a0e7c3aebf6d7e

SHA512
d3a33d356455101026c502ab53f9747130206743d3eacab25b889990832e6b4bad274cecec1cf89e1b3d171c656623254a2acd29957b90d5502af553e49a9121

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
31f87c530ce74b4c2a8dd82a8a64d9d4

SHA1
8aaa32f26e1d635ba91d5a64b05e4edb16e197b0

SHA256
fba0ca77b5f80c136d9466bc16af058cbdf1bdd19d65ca3ec440e69d88678e44

SHA512
933b3f8d201cf2674c837791a005a9a3c43a904196b07c68c54b4d0f0833c89e261e8e452d3c7b21ce78ce06cb549b7e0a8380d7bc92f4ebf8269e86bcef7f6e

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2824155626279761200tmp

Filesize
556B

MD5
ad48a2715dc60fa9a4da8d85e46c6fcb

SHA1
9a4cdc2574fa442a18aaf7c0245d98112c0df677

SHA256
7b1c6684544590822ac52feea9c6a15401bdba4eeedd498909b670ddb24de20a

SHA512
969f9cc0a6c529c21645352e198f4d9ce8bec9969919c656554f4456ff958a630782b155917c3d7922215135db9ac1ba1996f5a9ec61ac6bcc0a941d00f57bf3

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8413334886943511037tmp

Filesize
90B

MD5
e6e489b69c3768e11f0324dab656593b

SHA1
26945b6117e82ead778d9165b2bef68f832f0181

SHA256
3d76d66f2680f0533f738ade4991544a6f8837aca2ab68d1ae1cc0c76da260bc

SHA512
a7b396e122333262a103bc133f878135bc14a7c75e805c10ab5c58da81f1d144f9d1f6e3020c60a6880a81634a595d8f2f046cc65d71e118848c681ea016e63a

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
4KB

MD5
0d63d18bed046d2cc9d60fb687ae74c2

SHA1
804d7d81915b27904a6f2984b11b2d5084d1ea5b

SHA256
aa4e846975ffb02344f7422219ef555622076d23118583544728a33f951a553b

SHA512
52a09c5b71c29cda3ab205a84633d18cf031666d6c00bdab32393ecb00540bc210d45d1e4a79f298857194f7edb671a573109f1f1ab46f0171106ef48b268fe8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads