09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f

Analysis

max time kernel
7s
max time network
152s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
28/03/2025, 22:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f.apk
Size

3.7MB
MD5

36990bdc96888e3208cf66f48a0753c0
SHA1

7e9edb033481a067233a98ec5d44cc6865b50d40
SHA256

09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f
SHA512

6158e7c06a34c7e120fb8793abe542cee65fa602cce40d7cb4e39b5f37d040277214b95427b7e529cd2e6371651124a57a48de48499190d3284a45b4cba4ea6a
SSDEEP

98304:bd2ZrsgEiIK/z2fHENYVCXKrtmkQcaWqpL:QDIi2fkNz4tmkfaWqx

Score

7^/10

banker defense_evasion discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

defense_evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.testtest.qwizzserial

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.testtest.qwizzserial

com.testtest.qwizzserial
1⤵
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4220

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/data/com.testtest.qwizzserial/files/uz7a83efc6ceb643ddb74eb78a0e40ee4a_sms_messages.zip

Filesize
638B

MD5
26cddc4e5daf1d691c83ea91c34e950e

SHA1
2c88e7d203b20b309132b91ff2bb4bb840e9d293

SHA256
45b7a6e60249becc0894fb19181fb36989d63e14abb79c618cd9bac12a4e5990

SHA512
d2a61711f1383f711188b53bc620ecda912a94e671979e44cf4e0ef9080bb90508dd18bf2796a6742a02d15e90e37799e531ac60331a7557fbbbea9baeeff5db

Download Submit