92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c

Analysis

max time kernel
17s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
22/02/2025, 02:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Size

3.6MB
MD5

0366ae0abf0ada8aed90322bfe07dfd5
SHA1

2f0779ce64f02944e87674745cb446c5bc620607
SHA256

92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
SHA512

52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
SSDEEP

98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc

Score

7^/10

banker collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.systemservice

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.systemservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.systemservice

com.systemservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4267

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Clipboard Data

T1414

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.systemservice/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
ce52b9308b0f0583139dc9bb8d84324d

SHA1
5e000d0de338058f2dac609d85788a99e759a2df

SHA256
b1218fbb69a307fe6516f8c00c9280102a35f3d1fd3192a626c691a697ad8f04

SHA512
cb347defa9895a1d6a4c3b39779f1b7c415ee63bce7cfa49af785bb817ec9685f7829e72443c108c587cccf455b7e7968544e26b0c1197c9347bd2561ee7ab54

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.systemservice/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
05fe658c096f16652b23ee9ef46831ed

SHA1
3697b8011c33e63018f4df4b876b7c0115cf761d

SHA256
b798f72175442f7ab8e4c29edc582f61bc046676a23aa397ba9f20164316d4b7

SHA512
ddcd70f8c75283068dd77f46202c7f9d8c2e0437dda30c8977c314a9b598ad53737b342887f0accf2e58c101586447fe79ebc899b411a7a002bf91676a395041

Download Submit
/data/data/com.systemservice/databases/core.db

Filesize
36KB

MD5
045489a0639eee27bca52f48828cd93d

SHA1
436e7966e7c019273c44faa4d8c5709b816dfda3

SHA256
0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e

SHA512
c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c004d42a565720594ad2c7158a7cd01c

SHA1
647056307f4069ecb9821648da35877ac429a51c

SHA256
3494c8de187bbed2d89bd761989f22c786e4a04575328536d2db434c2eae7a84

SHA512
79fd12c07793d7fd1482743a887753dde4b1e55d0ac1064841f86df7adeb51728465e27ca1544f8d292e96501ee4033e8d68fd9e3d80579a463454a7201b7513

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
db461474714d877d0abf1a17f666e377

SHA1
259937ca721df9650dba7809dae28aba314e4003

SHA256
0b4ab32841989f74e023a919b9fcf52a15983e59958287c85ea992661b24949d

SHA512
32a6dd56625daa45fd45e4694d2c0c0ce1fa603c3015f0e21b303c70745b049412f3059cecdbd3a73011fb1c472452a347952b55aa1ef5bf84b4cdc330e4783b

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5befb1c0e416586866cabb5373953025

SHA1
f42ea68dc21e56e8ad59af07c8b85856b0c3a0e1

SHA256
a5c6d9a0454f1125d9b2571e823a12a1b41b495691df7c3392ac19b7b2e65891

SHA512
833c5b0a07e1b07904a97a746d9654447545126d636b0dc06fcb511d79cef87bacfed2d356779b52faf9535a8dd98101b3e5561c7b6d31d7d275410606437f1f

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5763ab5f0c9c4ece8b27f6d7d76cec2b

SHA1
8985744c76572fa3b34c0297ee11c3fbd4d67790

SHA256
389ce10e422a75b9b0ce8a9fc34190e965ab36f9bafe75626d56353125df64fd

SHA512
9db5ea5e3dcc65518f5435fe1c0ea54c6911ad92968fe51c025eb00c5b7cd820379a2272bbd9c16bf0706f8d908b864b7119ef91c8851212b5129e2b34af57b5

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db

Filesize
16KB

MD5
835cfc7decf507cdc5e54f602e3f9699

SHA1
4a55d424cb32e766554672cb2d0b3804fc47552f

SHA256
29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852

SHA512
2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c30a784fdded8e0c79d1c3cbf2cdaf20

SHA1
84f9d9cf6581be49e4042a79af91a125dba3ac28

SHA256
77594898762083220a6d024b44094952ac94acbd9779fe95d2af9618df641807

SHA512
86f750307a6ca82f4c706301c4c83d49c0163726c7652625b2f4f6fbf3c71ace23534a02acd632d31d497424b43a2c316a671ff56fd2c87cdca1a6ca4e939020

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2ed166d1e0cc02e87d8bcfbdf4e6d9cd

SHA1
0ea88f3bce18d4f43663fd084f8d72a6fb8b16c1

SHA256
37f2d7547085387c29af45bc9f033f3422367b9d787d1c25af7c4e368d892ae5

SHA512
6c8f67c00653b0e049355824a5fcdc0790a926c54e4b2cb26bd8a962ab390837b6a2a5bbec025ea5c5dbdef23ef1fce4a526c33e33aabfea4edd8c92b57034c7

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4b83369f9aadcb27957854ac13a8db73

SHA1
f838bcf62ccc6ea276644ac06a5e9be1de550af7

SHA256
22959a5a44eda6bfa333f0c856b6510bee26e4a64bff6c9d2886a466b82dbf5c

SHA512
bd92c23fd140c419e214fa91cc13b261b17351ef99c064653c7ed42ee3ef30233db7ec0124d8d96263c80fabbd8562909c37016b539a55a95dfc30222af3ca5c

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
5f72f9be47dcaf5345c3c4b1ea450589

SHA1
8e46a29134a0314cb2a26e70255a79f04d01d883

SHA256
104f0f34a886ca76160a1d2610adaa4c4191c168f755719f7342c30d1376008a

SHA512
4a6d436bca14b0d00010e30b91d64304d3bcb1874a5ea1057ddb562543e37fddb5607ee6cf3fa7b5cfb615b26132322700f87c0abe2b70b56311983d255b47ce

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
25a6720137f1fae1b7d65d05d5b83b52

SHA1
41e91c5ce0a3040fbc8c1d1207ace580f932e556

SHA256
314f8318d8204e00cc2cb921d2f0e9d74211c59868283725faca3bddbe619140

SHA512
ca1f3f8720806dfe12fccac17b18d54cfc984993a748a68caf06dc322e68868fe989f4df5c6c36db15fcf578687249e4764b09d792991048758b7b7cfba428ee

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2b6654371a80536cab1c44b400cc1da8

SHA1
6f3eae5f7466856b07bc70bf7586391e15242112

SHA256
a3c216ac751316f6599a417caa0b0297a656849f164bb9c8f19facb2c5dd1f10

SHA512
fe642602e3196470001c4b58f1ff8c196e98c5bbee1d6cbc182378965b042d026eaebf36312ab2861ed56529d7f6d29df33297fccf2ff4c63cde49bf7f7c7b8d

Download Submit
/data/data/com.systemservice/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c59c0e487ac4c0c72a9e411443a24c28

SHA1
29ed11bf09898c4f294db6d040e47b4c75597b76

SHA256
14b369be7932a13ad5cf1eac4a0fa572a975ab1454bec94144c4f9534dcdd27a

SHA512
366610f5045fe22959876f439e0206cb125a29fd8d2ffebd95cc75230f2c54d77634536f01ab1088c5e6b785bbb0cede77559c28410fd7ba2e792bcbf209cfad

Download Submit
/data/data/com.systemservice/files/PersistedInstallation7402497915201117165tmp

Filesize
556B

MD5
49f3498342120344de8f6750ecc75cdd

SHA1
6b81d7ac23baf05a487e40a57f650f2576e29f15

SHA256
3e710dfe11063d42024122a6823941e0cba3f195b5b12442e084ea8abadacd32

SHA512
b8c1c0de32c27ba68b20ccd925eac9fde77032090c44b0c82c990f5ab714bed0878df6854b28c1a5ec5fbba74cfb8dd1ae5bfa2f8f9359fd8330ea163cd9b74c

Download Submit
/data/data/com.systemservice/files/PersistedInstallation8900059376526641607tmp

Filesize
90B

MD5
2cdafbff8788d32b68a05aeb5c466e2f

SHA1
d53859a99e2cc1dcf6ea5ad2e8e234023a8d5a6a

SHA256
9c278ff47e931a48596838cb0c5a620ddf3e400dc35d3dbd0bba6a26c9e7d632

SHA512
ca3e606eab28eebdb80cafe1ad236807cdc8391cbe639adfc18d9f79614f75234f9e3db6868a3d8945a07ed69782841584f713b1bad7ab8ceca9c32bd72114a6

Download Submit
/data/data/com.systemservice/log/log4j.txt

Filesize
3KB

MD5
6079d24bcabe79497c3a3ec065545980

SHA1
565d7318dba5c68d9a5b1be0cb433f99d2bc8756

SHA256
c089d1d371b4a7906d1944432e071c4adbef32c5353daa5f7ac80d4be74e9066

SHA512
06e5af0e59fd57f35b400cbafc6e494731bcfc546322878552e42581669964bd7736693963453f94eba492be147fcaed75e34caea2d6e07fe4997a40923b1328

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads