Analysis

  • max time kernel
    148s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
  • submitted
    08-02-2025 02:35

General

  • Target

    99f467c30f21644ce9d7e060330cafdf082c9798dc151226271309071c83c6e5.apk

  • Size

    775KB

  • MD5

    8d2b88688ed3d7950ccff78679fe1be6

  • SHA1

    afa616d624875bf2c0bc966b0afdaf52d3b3409d

  • SHA256

    99f467c30f21644ce9d7e060330cafdf082c9798dc151226271309071c83c6e5

  • SHA512

    b8b5a369a26676a3ec601cf078962aa31470f5083ae90fed190a954208ba969eca0a6b41dea2eb9b5debc75a7515335e1b34e06b820ff2ff8627b7e3b251e400

  • SSDEEP

    12288:U4XuJ6sgRwLzODskNNYOX5WmpYshXZPbGwidNpgX2:UnJ6sbLzODpNaOX5WmD9idNpN

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Requests enabling of the accessibility settings. 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • cmf0.c3b5bm90zq.patch
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4312

Network

MITRE ATT&CK Mobile v15
