92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
05/02/2025, 02:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4317

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
6f4921cb287519b2f4d9b1783ef229cb

SHA1
9a5b25e1f7a711bae77ebb2032f9b8e4894d5bd6

SHA256
f67dd3bb5288aac79bf8eb86f69772500e06df0c303b12057f62841b62fcf953

SHA512
5f0c22152ef9a820466624557b272202743bf5456e0fe3a1082af20b16ea6356b05d9d83412b02000190228af56dfa2f748ea86207990c18486eb75e0545e17d

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
1a8aef1c0d18e13321a7f33979c2053e

SHA1
335bca1bdcd75f96f7ab83421e68e76cd36c40ce

SHA256
a51b651c18549d302483be67ee8a85044fa86d4df98c1673fd23512a4617b656

SHA512
b6f16d9bb29d8a44caf9d5e83e7f088b9e5781fdbabf5eb0b085f1cf03a6d5282297f692767e9150752493012913e5ac682961703c7d7c36a0e5f8e3290141d2

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b379214be4aeab870afc913446f15fa4

SHA1
550c6d94fcdfedeae25dbbfcb5526a8f37bbc7f6

SHA256
095c08fbd532384209f35096b52be2a682e6ec44c83bcf4122182ff03fbd9517

SHA512
08c44bca507dc89463f94cda9a758f72ba0f4287f6708b004c02a42811d8a4989f583b1eec894778a05195fb74bb9a95a034edbd17c2682b42b5b0b670222c9c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5ef2bde3409d4623a02a7be957e60d3a

SHA1
8474014a22be1aa53d08cd85dfd327985cc171e1

SHA256
0036a929cb40d7cd831cbc53e896e2305258845749c9334eda4536b89aa943f2

SHA512
78ffece52c35623beedf75c3404856cfaefd07e47d33a631a9581ce918b5eb293155c94e48e82e1dc545677107b2ce8c4920650bc3a3b3623b19a9f2ef548234

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1ce7fd0782f07800ff63285a69571b78

SHA1
2d1e11d2c57013dc4b9718f2dada7fd21aec092c

SHA256
59ecbfd686100a94030ac374efbbaa970ce7c32e64bf92b476761025498b5141

SHA512
18d9012085294477efe69e79bc53f189b080d305f48e0839bdbaa658c7ac4c8429bab932286051335d29ef9f24776f7085244783f16ddefa82357fa6829971b9

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a4f6e5fa8a8cfb3b5253c9aea43061c8

SHA1
2428b8bd7940c458abf444eb2204f82952cc6aea

SHA256
04109a3e8042745ddcbe98d125ebd2ddc72d7e44352ebe5150a059378589d540

SHA512
4c466fb0a852a21194c9e9dab13863a77823ebcd17382c5d05cfffacae92743e91dce6ecf783bf82335c38d13ce4b2ee5417345abc1a6ae38a2669bc6a00e420

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
902aaf1be761c1abcc68ff0474306a6f

SHA1
a0ca475f33f822be683ed3e8d7131992116ed02e

SHA256
795ac9fcd9687da7567efcea3aa6a9ac82e51ac31a4af4367417b93599ad42f2

SHA512
f10a944b25699f4f597be9f6e57719dca36998f2aaea6f05d78d8985a5315cd613c57f2284d3884844724a1ce7a397c3939b0b0b9ec30f630c2ec2c0af9ae254

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
c03402df2c06b908ac46014622151fd2

SHA1
04a405230faaed802e8074d51b2e49553d3079b0

SHA256
7e5f28d1b26febca823efc738aa1c867a73b407b97ce1d64970e9504e1b77a97

SHA512
4a0786c409f6a15894bbb4c96ede28ae66b27dd59d80e9f344c60ea853c625c33baa858a9621a87b9f6cc8aa8c107a629524d33c13b349ee2111bf82379a2fa1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4a19795dd8d5bcf3bd5884cc74f619d3

SHA1
9485a0b4a648469a9b8bcdf065eeb90944d463aa

SHA256
fd184907811711a2303c605898e91c6cd92ec7c91da08b3144f6820009efbfd8

SHA512
64c197c66ce001d41db25b4689e3658ed2d8445620c64ee7593c39faac724254b86ec87407ab28286bde384d9cb1365c331af794fedb19fe96f592af63bebbf2

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5f007e98efc95a7951667d8e4748ecbd

SHA1
97c657ff5043e92f67f5aa0a24192e0ca5e04704

SHA256
870f4312fb00acaa43776588e492fe37e19ea593b507c0ded7ec063d45003efb

SHA512
8e30b8686d07a5066ce5a2aa38c5c87d5e4017ebaac924ea632fd384334e05a49261b9f6155ef8987d9e6f6fed6b7ca6228ef504fc367a32d3b9519561d39097

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
da4b3a1b8d951c8cbb6533a59590802c

SHA1
d13485adabb41df7306ba35d52c6afc561a68708

SHA256
ee38e4ad29a97288fcd63787e172da8169fb5626eb90ee0ba9a98ee37f68c207

SHA512
ccc3fb433811b156de4b13354cfe876b890f6ad57bc91fb3b2e9a22acd9e9fd148e53ff679ab004097ee102e36f1588ff0d5190476e971c3f0eb63cdee152cde

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7b388c3b47fcd8d84bf5d46410b614a2

SHA1
2ab84cb53572b56454ef3cf2a065f7f85e4fd2bc

SHA256
b979d392dbce1d36f0f6072f102bb1353dc8ce86bf254ad2eda4012943a92fe5

SHA512
d2dcdff9a150619d1ada6a477f95d882b162219f2923c638c392ff3123971b3e3e92729d1d6d02f9262da878a5413b5d514ea41fea6ebbeb722e348453e3b2e1

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6a8ec57c346633848429ab3743460240

SHA1
20d9c18bf3f9784a1bc56ab8d5e028c0352df2c7

SHA256
838671c3f365034a29a5bde08b6ad2472e6aa56bced32b62cb390a94c93756c4

SHA512
e5d2ea20483f949c14485f7e3874f6b18d92939bbf2d02786c0cfa60ff539d041e97a5c92ea8320edebbe97b43272d1bb4b6992d732866fc326dbc9cd24fa1f9

Download Submit
/data/data/com.systemservice/files/PersistedInstallation2671458989621029059tmp

Filesize
90B

MD5
914e1109ecd4cf97b7f84390bf7e79dc

SHA1
6d05cdfb8bde53af03ae9fdd5743c2dd4b704c0f

SHA256
0fcadf057ac5e9afbcae0c1cba1589bb89330e574bd20ba198cfd76d2631e913

SHA512
4644b91459a07f08089b56e0f6a03a58d1f22802b717393ab30baedd7914ce052de26521bcd3462f434ccc5d210c9ae1193fd45ef960a43a9fd68558249d9824

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4735057129311584685tmp

Filesize
555B

MD5
a6f458c97e71adbaf0f88b8e0b6be444

SHA1
ea31e76952723d242df1a293276a8888675766ca

SHA256
c4367107390c834fcc8b83644b5bb2fd5a0da2e7e3baba26c6eaca1f3d619e89

SHA512
bad5f1f93e1e2d634a57f2a87027963ca41bb9838429f865356cbae24200a6906ec2c0ef080a2757b61db55703f6223240a6d7ae409ab9f28d252e2485aade61

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
83a64784c90d6a65ecd32af3b866e399

SHA1
50d0468cd367f940e59b862e024035c07924d9b9

SHA256
2908f4d2f0f1c6529813400f4fb030fc79bb07f3633448d3604a3cd81351282c

SHA512
40c40e1d46116db37e7fd543b223852d3162217b25c1bab32d83abec6b6fa9868ed410266f4749bd2a105a61a66e36c82332d0c094ec4dae5d358f38fb9e0fb2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads