92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
06-02-2025 02:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4255

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
718e9e68353f016eb7971d2a3e40774e

SHA1
05c3ce911e4bb415c36d506533fe23465d1349fd

SHA256
121fafb25e4aaf87619da292d7a371a8d26591d4138c9af12b97f8a87f95348b

SHA512
d90e912c1622f717538b25fe1915434d9508fed8108e1887cd796d305bf607e2095ba7582b79a0bba731b13e9802dc3191a9e17761e4e28884c1637819af037f

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
26cea50a8654d7104ea8ff5cdeb32adc

SHA1
2a6045c19ca61ad8da382313a6984a8694aaf0c3

SHA256
e09643b15d688a3f2a6edbb45c111a131b96d8478691e5148642d939d5a0f041

SHA512
947fc9e6de6f85369721bd1e545d403b3940c1bf069691e4d9e751641b0a1834c82afa4564cb3226e8868587795e2487bba1f1b942fb58d7abe8678188f6df3e

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d386e54d42b99897fc94625e3c02c6f6

SHA1
63aabb4d8cff38e572e522711f1e8d454b2c4a71

SHA256
ef3665b4e392443386ce7f65350dde964695488d865afa7712c0f46b1cea578e

SHA512
8e56b5f1249ed5a44a9bf6cb7fa07e049f502f7f08dfe471a26ad20ed5baf981af12ccbfbdaf2074aee8e4fc73f54bad844a4c6fe7ae9f52d6ca8a56565d8100

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bf6b338239e7c019926a24ce33407d95

SHA1
dc7d082f889065603ef6b044ffc949af0ce8e13a

SHA256
4e2a3975f26dffd4e4d6dec0950a56ac04be0a1a8a0db853dc7ff749f80bf70f

SHA512
339850c743e703f27368758c068623a6c553a628081c6d443274fe3a177ad6c1e502f40fa1b4a73316eb515cbbe7e49b1bfadd308899f3bdfce28e325c153640

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8c9d9785a2f3b3cd757499db98c6d3f9

SHA1
e2158057a7b9bc87d2cfc4545774cd0725850a8b

SHA256
33fed5e57bf3049c59d520c2ab5febc7a1934aa2f7fad4f82220088441fa0342

SHA512
7d1fb8dc6088d0b208b993eff8d12d06d5d9fce3e19ee4a63996b4d353784504624f1617f668b8c0a6fdc276fe3ae6145a82ed55ebbb48fc1edd5b64fb39b97f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d5792763008fb719b2b11f0f05f45ef0

SHA1
216aa1444ed0785fb84caa64e9f1a022755a0f9f

SHA256
d53af299161b259e2c0faaddc62ab9d47256eb9442fda7b3609fcb2dec575da7

SHA512
70528a0de72023087f1fd157f8e41c9fc60878d241a801c58490690ad4e11aee30e4e7a0c1050ced848374ce22c1438251fb29cdde5f5e958ab9212a332772ec

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
98805e51f6cc58b9a0d5f673f6e74852

SHA1
19b924f7744f9680956fc7d0e4362326466ce4f6

SHA256
713c01aa3dfc694f8508a7dd615668645473de4b5168c780324f3b56041de2af

SHA512
aec6d4c7980df30429306e855cff695572c8b817906b5a0746179ed2856ae3013e1f2848b4743808a34d7a70d9dd8ef50e7299851347c6dda990334cfc7c49af

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
3d9e7069ac725d38ff4e56a0e65cb5b8

SHA1
6775777934e048a66b20c2305dbb9927dc94b686

SHA256
9e4e940298760d675e069b8c69d126375b7f20f30fb67a940b66961c4b55b65b

SHA512
97dcc4a733c3e08b62c9210b98e5bf9dcc526c07ea2bd4ed8c11150fd76935ef1bf4740abd0cee03a2d20283beb4992a42842976c7166c72630a5f2a537076f4

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fcfcec4b7fe3ccd20e21fadc1a76735c

SHA1
d3ae08d72bba3f0bb2a0c5a04b5d3f3326d3d2e9

SHA256
43cbccd886fdbf98fb9199332208a0feff54463a134d4d05bd61bd3be39cf94c

SHA512
6f1a54e736395870912894ea9ccf27e2854996ede0438f782a2f0bd6fd7a808590c88fa94cf59b99d950d99d5e80ffc737666c73e071bfcbdb4b798ae42e0262

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
591eb7c0ceeae2dcc765f92e85ae3e4d

SHA1
c5e391bb108c8b8180c91b0208ecd3f99cf9b288

SHA256
624f7c7f94568d1d6d4ac82057b736f724ffdf3ad8f3ea634dfb8a712d76b0e2

SHA512
1066e34bed1c861afa0d49893e9a1876f355ed902b30892df9e716ba0b69023f99d235aa1b50ee8b12117904f32fb3d758972f2802ed8a0a89b564ac26cef99b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
24ee73ebd339e2ffee4dcd265e391e46

SHA1
b3a094308b19aab6c66ae3c9efb17671bff3d8a9

SHA256
3fd2d8603657aec2cd938215f33b7a8ccea28d9edc6cf787c4856136d25d0531

SHA512
0103d1bc1bd8867c877ea2ca4ca835ac22043e50c769ddd0fef3c027df04fcfbf7e7957a1b51ba33eba9b1ea5499042c8cfc6b16227934f51ae2095f37e1dff0

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e7e1a08e6d4b85681ef98601f1feea6c

SHA1
d0f4a43cc64618dbc82394f44192f083f16e197e

SHA256
793b176de8aac7ef610a16479ddbb701726efc7e2db0e18b7d74c0823b87431a

SHA512
3ea5b893d8ef6bb7fa67008586faf347f52fa0229f5508c523c00713e773b0ccb4180ae6f707c57cb827c39a703812814696d15b1ac2150467f845d7623a1a96

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
cce4016029f8a1b1102bf655c613ac72

SHA1
9252affabeb885aa0d853393f36f142ca93f6bb4

SHA256
a62376ac5bb9f04dbceb8562d7f9e5f6878ae46b2bf54b6439293f6224c06a61

SHA512
3839425ccc73e77b786cd980a1b4ba34d73ddcecfba36390bcd1a8c57a70e8a8d261eb8500cd9acecd015f53e81312b65ea9d7a8beccd2b7194d940a75078cb2

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8471471884344650423tmp

Filesize
90B

MD5
4527c67c24375457cbda95810363b03f

SHA1
e4f467b3b26a77a0e566dc33c57288e11cdb81dc

SHA256
8c6116324e90ef60a8b3d73aca95951f33ae39f4535f4efb0adef4a4c8735ee3

SHA512
d8711393960fc8b640881a176a81a887c6f16fea2bab9da548f942c4d3dea48bac29aaa81461df7ca6141d880d13770ea112e2eb419a150731fb3c9215361814

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8576651505757483826tmp

Filesize
553B

MD5
f4c61c456d8b6e04bf45372dc2821a72

SHA1
746183cfbed906ba09a0752a94fc2bc5f502a84f

SHA256
e1cd1a75a79307298b4d34eb50440d367906e24154c93e4c474e03007f61aa98

SHA512
f5d559798284bf2e5e4de834e562c750ead66377500277d063b5636b0c652ef31702738b4b468a931055dc9a269ede9d8aaa9b827791872ff640eafdd75148f0

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
70427934924a52ff0736f761c528fcad

SHA1
6bed3ac16bab794d4cf353b42e739d8cca2854f4

SHA256
e48c923422fa9ca72c7c7b7afd01fb05cbb8091d07b5667f633d60af511dd5ad

SHA512
93512a86572ac85787f70a829e86b3a141e73f8ecda102b7d74d9a2ca8c3f8e48787ccaa8cdbf280a17813c38b3667b16249c50ef3457f66987ac6bb9db17fc0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads