Overview

overview

10

Static

static

10

cde634ac24...31.apk

android-9-x86

8

Resubmissions

11/03/2025, 05:19

250311-fz4hbasqx8 10

11/03/2025, 05:17

250311-fyy67stvew 10

11/03/2025, 05:15

250311-fxq47sspz6 10

10/03/2025, 22:02

250310-1xw1nsz1av 10

Analysis

  • max time kernel
    48s
  • max time network
    367s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    11/03/2025, 05:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cde634ac2435441a5bef4befaf4b4acc68393bf02380ac0cdebd5104be99cf31.apk

  • Size

    4.4MB

  • MD5

    a993c52e3f70025fe896428a4b43d9a6

  • SHA1

    4a156e2db4319c3e20a1678277237e323a0c963c

  • SHA256

    cde634ac2435441a5bef4befaf4b4acc68393bf02380ac0cdebd5104be99cf31

  • SHA512

    056515f44cca830987d41aa1d5f932f5bb5920556b9cfbaa405da28459d18362eff714852f5912122ded92b4d89b653abf37b0a60a9d68b75688706d4e54a590

  • SSDEEP

    98304:pdDPNsl3JKkr5J+ZGdAt1sFIPp00HcKhQcfLTbBFjOj6rH:fDPNa5KklgodFiG0JQcfL3Lb

Score
8/10
bankercollectioncredential_accessdefense_evasiondiscoveryevasionexecutionpersistencestealthtrojan

Malware Config

Signatures

Processes

  • com.tencent.mm
    1⤵
    • Removes its main activity from the application launcher
    • Makes use of the framework's Accessibility service
    • Queries account information for other applications stored on the device
    • Reads the contacts stored on the device.
    • Reads the content of the calendar entry data.
    • Reads the content of the call log.
    • Requests cell location
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4267

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

1
T1603

Persistence

Event Triggered Execution

1
T1624

Broadcast Receivers

1
T1624.001

Foreground Persistence

1
T1541

Scheduled Task/Job

1
T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

1
T1627

Geofencing

1
T1627.001

Foreground Persistence

1
T1541

Hide Artifacts

2
T1628

Suppress Application Icon

1
T1628.001

User Evasion

1
T1628.002

Input Injection

1
T1516

Credential Access

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Discovery

Location Tracking

1
T1430

Software Discovery

1
T1418

Security Software Discovery

1
T1418.001

System Network Configuration Discovery

3
T1422

System Network Connections Discovery

2
T1421

Lateral Movement

Collection

Input Capture

2
T1417

GUI Input Capture

1
T1417.002

Keylogging

1
T1417.001

Location Tracking

1
T1430

Protected User Data

3
T1636

Calendar Entries

1
T1636.001

Call Log

1
T1636.002

Contact List

1
T1636.003

Screen Capture

1
T1513

Stored Application Data

1
T1409

Command and Control

Exfiltration

Impact

Input Injection

1
T1516

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tencent.mm/databases/Dname-journal
    Filesize

    512B

    MD5

    d260eeb8a2a584299cf98606a3f1b3ae

    SHA1

    0ea0783a808dc131cb104638252c28c46618803b

    SHA256

    4c75608e2448c78cb3641e77f03048cbdc9f183d51fb4762652a35a2d4a7287d

    SHA512

    4d20b4cb58112a9b5141fb47b7312e74b3c010830f69df0e301e810a7f4935fed332cfb46eca6840b4ba593e1294b5e607c73fbe2ce697464c01e206a3355dfe

    Download Submit

  • /data/data/com.tencent.mm/databases/Dname-wal
    Filesize

    60KB

    MD5

    387e424569d25fa535e17a85de021931

    SHA1

    b0b10a2035f5a7c2ff3ae9ae753764de59442132

    SHA256

    2bdeb0216e2af5e44e677edf010e651da1f5d8915120b6cdb9b2bbf25b12a3bc

    SHA512

    fbb6fb2cbaec0745a2445af05f0d14f0b3acf56f94605e7624a15f4d34e45b0e7cfa859fa50406cbf2f1b63532d7db27cfef37533dcd52c4fd3b793052b10020

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-journal
    Filesize

    512B

    MD5

    d73d46b15551a955a653fd92133c478e

    SHA1

    cebc10cb4093d0cb18ad75d51eeb7d9a05d15852

    SHA256

    172d78263c67cee7dfe5dc4ce2002473281ba0a0a2e6e1e60bc06b645ee5d81e

    SHA512

    783deaf33954c5b874dcd2e3ea66c051e42791d0b32ddfe73b807e334b1958cd6c02dbf82ab0849eac89bda701e63b8bc017cd877cbc60ec701ea0ab1694b6bb

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.tencent.mm/databases/evernote_jobs.db-wal
    Filesize

    56KB

    MD5

    0fd6f198dcc7a1adc8cae61b62218efc

    SHA1

    848ad86c270af06c0b7d440b1fb6b34cdffb02ef

    SHA256

    8f0577b50286936cd0c2d1f50e0a7c879136e1ea306b2524498176ad00985727

    SHA512

    f0995cbfccd887eda451497526178bb029936e915b9973ee36ef7afd97fde993f0b8ef1077b11c04d851a0252c3e753e16f57a732a0f37146efbaffa1a12b006

    Download Submit

  • /data/data/com.tencent.mm/files/CallLogs.txt
    Filesize

    3B

    MD5

    58e0494c51d30eb3494f7c9198986bb9

    SHA1

    cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d

    SHA256

    37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

    SHA512

    b7a9336ed3a424b5d4d59d9b20d0bbc33217207b584db6b758fddb9a70b99e7c8c9f8387ef318a6b2039e62f09a3a2592bf5c76d6947a6ea1d107b924d7461f4

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    116B

    MD5

    f1b951869b6c11b2cd71c150abcdf424

    SHA1

    c1b018206683a5c1d2569ded6df95bb752381717

    SHA256

    22a59474170ee6a942d0de218b3b4d1a9e5d4e66be9746b0021657ec5049cafd

    SHA512

    19a732d353e3edd852d5044ad986cb9a8ea12913eae1db7e6e15617f39c49b461b3c3b54d93dab8aba96660cbbabe93942f18735f8fc0eb13365e9c1ea615cdc

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    126B

    MD5

    cc200da8cf0e6a648f205744c18c6da0

    SHA1

    5c60ef7632036481b17b4d9db9716f0ba7a205a2

    SHA256

    60480200ff7bc9df1a3ed9082ef9d3ea4497ad1076bb3bb54d0b44a810372640

    SHA512

    c65fd19cdf4cd8ea5fa2b344bfc843dff9cae9465d4e1edb3a5a4f517deccfe9d6fff4b88a9bf5e91000d15a5b10020d64dcf9198ee90a7f4f071b1b90248b48

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    116B

    MD5

    8a4b5e6b7cb049a09315666395ade794

    SHA1

    be3afe16e99d034d64a055cab685fd58dda4a422

    SHA256

    ce27d3bebb3182a823ee1b210480e5d7d8e675c5057d662224f6636a8c0f6149

    SHA512

    644261818f94947e11661dd9ae3ca4df8118e0297c501fb38fd03b84d892c4478417e93241c582eb8939c92cdc6f6596d7721e0e98d109dcd89d8cb407de14c8

    Download Submit

  • /data/data/com.tencent.mm/files/GP.txt
    Filesize

    126B

    MD5

    ff820691c4407e94f0f51f63c158fb8c

    SHA1

    99679808ebd7a0d9d31c28d581167d6b7878b942

    SHA256

    a876f75e19f4db95a25ba6733f908035cdc105308e73ec41c234bb3afbd41e5f

    SHA512

    7999a6dd9aa867cc234b03d95ef4c84ccb99c46a3cd164656b9e97cac45646f16ca50f81ba634b1001f1e1cbac7c433da9de49e4615554f53629b15a2a38538d

    Download Submit

  • /data/data/com.tencent.mm/files/Tree.txt
    Filesize

    282B

    MD5

    3247ffccfeec093b9abca4abe6a7ee65

    SHA1

    3de1875305af4ce3b4480016066f88fc9ce30312

    SHA256

    98cb8f445f3879d2acfd34d5383fa742c4c91f630b222f643ac0870b496cb722

    SHA512

    fba2b7f3f8171e96513626e8b8db17ca924932430ad1901ee3f6827106eb007e79bda013279174fe300ff93dd034d2a434db6bc48bce9a8279c862425e3d3422

    Download Submit

  • /data/data/com.tencent.mm/files/accounts.txt
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/data/com.tencent.mm/files/netinfo.txt
    Filesize

    609B

    MD5

    4064935e40ab93d58975b53428b48038

    SHA1

    4acd792b7eebfe3fcc472ca5ba70522cd7955dd3

    SHA256

    caff0f3b2c12b372e43d3e9e51b22baedfb511f1d9d923bfe9bb071ec0afa3ff

    SHA512

    f722d89639416f35480920cca6ac2b9fd1e82f388767662979266aa8f83609ff6f7d88d1afd35745641d7f4c18778209822e2410c6c3560b82c65330131eb057

    Download Submit

  • /data/data/com.tencent.mm/files/netinfo.txt
    Filesize

    609B

    MD5

    429ea89352137768962dc8ec36b99e91

    SHA1

    cdd022b79d5251f721bc1d12aec293ce6d1309b0

    SHA256

    35c6140133380f5d33e7d160aa94c3e04a739d80689a11f1b3c10adadd4ee21a

    SHA512

    c21f4c1675b7b0480dd7a11636360dba90a36bd4befb79f710e2e044e6984c3bc9036d26225c3af104147bfe5be5ecf79e9014396ac447a540b7bb8db7268684

    Download Submit

  • /data/data/com.tencent.mm/files/pkinfo.txt
    Filesize

    5KB

    MD5

    9857c0caa99fde5d0bf47c0ee0fd821b

    SHA1

    ef4629899e6ebbdbaf45ca4885f5b960da25538f

    SHA256

    d68311a5561ada62ee327cda3a9b29c41ed0d7bc16586f9af6d5595a96d497a8

    SHA512

    312c11c7b41384fd5a7ef466f06813c09f6c661ade0ed4ffe6e8e88969f2ba31257a90333b13ce8d4b2ab0692318b638f06aecfea11aeb2df3739580e635a148

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2025-03-11.txt
    Filesize

    267B

    MD5

    5fedf0a61e77a1d0f1403b327ef4517d

    SHA1

    d43fdb67b775735e4f270574b578b0f0c5e24f18

    SHA256

    dff0cbcc8d0cc662587055469b877c3a44d76315b76e16a69a87fadfd36371a2

    SHA512

    a597c0abdf534ee3c5aa850a48bd0e1a16a509e74345b76261004411792db737175d143826dfe301e0645aec00bf267524657708a9f1c4bcacffbbfefb167bb7

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2025-03-11.txt
    Filesize

    12B

    MD5

    a9256f55737b655c8cff95418411997c

    SHA1

    d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

    SHA256

    bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

    SHA512

    10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2025-03-11.txt
    Filesize

    12B

    MD5

    e48057c3603c907cacbe1568a7dbfc41

    SHA1

    6e100086b53e20e499a9be069aa1b452faf82ba3

    SHA256

    4b36685dbf772b2de007f4c98f824966f4f3a132075692d3d3d8f11e84e5468e

    SHA512

    787e1140832e8c308039f0287ee801c00040544d5241425b0c0c8e8dc19ecf3feefa50706723f7a21be209c13b24ab3dbe0691ec42118fdfe18611b13155fb9a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2025-03-11.txt
    Filesize

    24B

    MD5

    7099f4ee2f4da21cbdc88de0d1ee3d7e

    SHA1

    42e61998c15bd2924ae485d6525ae46e2380290a

    SHA256

    ba606813d6c59c6ecaa8f2ff9ae1c31f9820d1526ded195f90ddf561eef0cb6d

    SHA512

    8b8ab2a2b74a21ad29fbede7f385fcfe1500cc2bf4a720da8b689d081d8eb60602e8f999d6783744344cd3c0b980c9d6c206846cebed69f89d7e92f4c74d7d4c

    Download Submit