e319b82b8adc415ef334e6c679c1bd717bfabf45ec161f1f661231caae3700aa

Analysis

max time kernel
148s
max time network
151s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
04/02/2025, 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e319b82b8adc415ef334e6c679c1bd717bfabf45ec161f1f661231caae3700aa.apk
Size

760KB
MD5

0a6ac103e177256a53682ba02bdba735
SHA1

8e7a35dc4a657ca27d503c001cf606fdee0ef15f
SHA256

e319b82b8adc415ef334e6c679c1bd717bfabf45ec161f1f661231caae3700aa
SHA512

bd54bcd2f465c1c1a1a829c4a2affc8f8ec8d730cbda98a0d6eb5de34765a3ccceecaf564f26eabbba0b0bb333942f744f81c30583a49c4fe23771a6f91a2e19
SSDEEP

12288:FimpZMJ6sgR8LzLjbDHA4e5WmpYshXZPbGwidNpgGy:FiHJ6s1LzLbHA4e5WmD9idNpS

Score

7^/10

banker defense_evasion discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	cmf0.c3b5bm90zq.patch

cmf0.c3b5bm90zq.patch
1⤵
- Makes use of the framework's foreground persistence service
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4949

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/systeminformation.android.app/config04-02-2025.log

Filesize
63B

MD5
5d7b23bc389f620909498f156c7e9fcf

SHA1
89604c828b49cb63b2b338c2c421355c85982e6f

SHA256
3e91feb3543b19744160827bb7d10473943d326800996ba96459e8e96c1e9bc2

SHA512
66f0bfcc493aeb916b2bd7b89d4a22d60382bbe585c1672f7f3a8340eb01bf9b3d3bb8e789cbba6dcfc66f1e55975c651d967d05afead67b4489ea68bce239a6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads