92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
132s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21/02/2025, 02:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4264

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
2a7824b7f3f71eba135eb94a78a60135

SHA1
79c36edfad01c749850f3f8e5159ecd64d8e3a04

SHA256
7900181a36cbba4ad57c54f9decfae2580164814be2dc30ab2dd68bba5314df5

SHA512
7016d3fcd5819492703a6841abcc8f73fd3448a4da130cc922f8fa166f1ae3b9cc73e1d2d73b73e2e1411f3d2d299e68c225dbd3fa222b3054f3ae7ff114e701

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
ecb163a2048be535114f4355df8cdeee

SHA1
ec4224aa97b0e939c59e6209633e8f7e904bb511

SHA256
a8b9a63c536cdb174a9db2fe662c222f6e08e5b6b51bdd95e759288960cea83b

SHA512
f575d3eb3fcce941ad5fe92d72109673301164fbc1a5dad5794f3144e8f6e94c622316524313664edf2fb7cfd44f17c2729cb978ff33ab7cdb493044d8b7cdd0

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9bad77ce23aca98a4200ba658ad88c3a

SHA1
74790fea3cea9582221527f7763b575afb8deab7

SHA256
e66927c7c2f23375b9bc568d3c680ee0faad8a381b5b2e5d18523de79d51a957

SHA512
5486cb98f6693306c1ee3a5d93e246d2e4e24e324d8bb49051136fc6f5f07cd820fcd341ab8fbf4dbb08d82c2d691e010f341fcd45f745a69aafd730ade04205

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c43dfa2b26751474794b5a57ddb757a0

SHA1
f1beb4803f12a2a8a8b06dadc9699ca7d3664f7a

SHA256
99b127a26ba4303dd2fc917db2a2b8c034d6171de0954c047d1ff4e4e0e09664

SHA512
42565cfe122860647d5419eb753d9228daa4c910f79481caef39fcf084b9bbe2b55fd98bc918bdcda357ea4a2adc7e9e7b094439f3c8d37d4cecebdadb0bbaac

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d660cbb595036c9fd14c0b4d7ce5814e

SHA1
058618ab761bc6b80dc4a7bd813247134885b33d

SHA256
2266cc7ee587e99595ad47ea65ecd9175645e275bbd0fce1e4e81f357d0a1062

SHA512
6f9b8c9fbab196d2e3a111076c55f80fe8dff691626dd8fcec39d2cb2ebb337bf3009027b2aa9c239f097c379157a137d28fc5397c853937559ec4b9c31291c7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f8857e94040ff9494d500542006d6232

SHA1
64c65010f80231471df4ccd58acd35f0825bf109

SHA256
6921e2ee45569fefcaa4e44a1057642b20b77c5bc7b45ac5258134e64ad347b8

SHA512
1dc349877c5545cd2d099660c69b94bb416bf0dec2bc9558c07f17d6a0e813192fd1fbf919da13b871112caf5cf9ea94852962a68ff28f998a77c31731339a48

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
026c18df1768e2a72858dba8d190905c

SHA1
5b09ed461833693946fa689fb9c9a8c4415551ec

SHA256
8e773fffef1280e56d671d226de624838a39327bdf0056714d4daa2909945cb1

SHA512
babb68d9adab80950609c7651b3dfcabf7034d67526d8ccc213c6b230ce3679922b3c8351c27a92a1bbc5b9fade70447198ee018202ea7fd88075c6f892a2c96

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
f50bf63de73910b33eb904dd9a400e69

SHA1
885846cac72093489a3757c171a7cc21450f004c

SHA256
3c3aabaaa539524e337307c31fb26add7605ddece66bbf9f6bf3da898213d252

SHA512
9c5c7775da482501ed750973ed1a76e588862524a4cc7532be16eef90c95ef7ae2c04d8268cece077d516952a78e7f0316058d91181cd9d862c258aee7520923

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
513698e0c74f8186a2537a7146d1f842

SHA1
9e0c179b829b7502cb0e237bcae7ab0c9a8be9b3

SHA256
c40d4722f2a569f5e894747b0cc604206812909c03a22e9f1509fbd5904b9ea9

SHA512
a69bff8fc9ec56ca07580a4a8a0eb769f6c6393c45b46c518eeadf4129b206cf5c936c2dd5a7412f2853774aa2363aa568dc887db8f09785f751dcab33151f17

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b5516a1bf21f6bc97c6d0c41edd037bf

SHA1
0360f5bd4952ffadef252aef76eb3e4594da0926

SHA256
46839acece2b8cd7a50aee917338d840734dffe77c8a8b3ed453e241b259b60b

SHA512
b71f75e740ea2350f190837b01bed985f52973d6d69829e1682b72fba3bee71f25f11918cef62c25f911b4cc26b7af917b88cc17df18a7f2e0f0563e1951baa5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
1f862bf3a960cf1a56261a7ea42b1933

SHA1
789f15d612738e8685b4331242f9f6a62ff06684

SHA256
52c41c3a559e5e5a902d328227c9230647318686095418f61c702d30491531ae

SHA512
49031093a63a9ff984606d7f6de86bf8d9f1025ba626cf1828e7708d5dd9e60515120b5be1cbc83380d7eb627f05b99d4c478e515b92686d06994578368e529e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
51dc8d9ef5fd2856b71f0316928ceca6

SHA1
377d78913f0fbb0636c4dbcb0589318371b52b9f

SHA256
2aa30f00577cb830ba451a0c81fab99af1f855fe8db4c2b550c5ed9e15c3c255

SHA512
cc1ffe979007243cfc0f0acdf467af8d21aedbfe7739f9ad683ad17b99be7c3bfa5c11fb44ac056c90e9d7482fc0013386679bf9eb4aaa1f53be43d3132fadcf

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ec73ff0e87d7a8acf304d739f4155f1a

SHA1
8820cb28bf297af72c589858f4f843cce6a0d8dc

SHA256
e7cdbabc439e2e23700f0a3857da845580c88208081837b4bf0678db0a0b2c5c

SHA512
e7a05709e163e9d3a55ab238ef9c87935cc8f2a5c8cdc27c9f0982d818e42d290367682e8fa7bde7ab0b48aa42b9bdaf4855d0fcf8ed08a7fada8d91b826f500

Download Submit
/data/data/com.systemservice/files/PersistedInstallation4315577343880692592tmp

Filesize
90B

MD5
384c4f8e2ef27a9b222af0f0a01dfb2e

SHA1
94cd77ffa6a73f8ef84efac44008c6dfa7bbdd3e

SHA256
f8e09b27af14f2277dca7b3f29203b2b9c7ac9ced6f8102a345682333fababdb

SHA512
f8ae5208a04d9027fb649940e2520e8a3a5986823ba37612691a2cff3668ee12ab9e3f1338da1f7a77a2ed50af8e11333ecdc509da5ffb8fdcd2af74111f30c4

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7894871719874222735tmp

Filesize
553B

MD5
cbb1d6f49f23a1345da321d6ef59db0d

SHA1
8abf7ff7960efb2f4f9d8a0a7c4015fac9a2b0a0

SHA256
c1950a10ea7c52a71dbcba91fbf25360cdee0befa5ffbcd786298095612ea454

SHA512
f941ebbe5fd09e4f657a374001ef8a26f7303079de051f8004c8f5cf4d0f6b85718dd450b4d0436fe0e88c3b79b39a2c9f3aa89ab92315da77b374ca7b5a6580

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
e538630f40ee4f83017ede0c41617de8

SHA1
c673129b427c091f037f8df00eae97da9e42aef8

SHA256
eee518f50f88828e5b244ca1cbe31da9eae082c17574ad6a5e88b5fb27987b5d

SHA512
9e7ef4778c15272babd2eb0e791b8b0a21c94a955d55fe02b4cc824048685c8453adffc616bbaf7d5699040859ea731b3dddc68425d5521ac55c94e584f14c40

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads