Analysis
-
max time kernel
126s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240910-en locale:en-us os:android-11-x64 system -
submitted
30/03/2025, 11:06
Behavioral task
behavioral1
Sample
a614bc357cc781f979fda829aebf8480.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral2
Sample
a614bc357cc781f979fda829aebf8480.apk
Resource
android-33-x64-arm64-20240910-en
Behavioral task
behavioral3
Sample
base.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral4
Sample
base.apk
Resource
android-33-x64-arm64-20240910-en
General
-
Target
base.apk
-
Size
15.1MB
-
MD5
b1c7c797891873f82992d328a32d0953
-
SHA1
396171fe6da60d4e9fd6944a90f51992eb97067d
-
SHA256
0dbf16e9260a8ff029075503c719734f61b47b21b54e230b9f41fb6b0bc234bf
-
SHA512
95f553393ba02bbe4d6c304113aa807e14535ea893d12b92511c4636cb48e01bfd9498af3eff980319fd3826e63ed62eafa04eb6b1c5e4283ab2f386b57d83d6
-
SSDEEP
393216:jxZ+M1HtgNrQBMIvabjC38MJAjrz75kWx:OyHtmUM6gjC3bW775kW
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Acquires the wake lock 1 IoCs
description
Framework service call
ioc
android.os.IPowerManager.acquireWakeLock
Process
com.abc.pmkisanyojna6december2024
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description
Framework service call
ioc
android.app.IActivityManager.setServiceForeground
Process
com.abc.pmkisanyojna6december2024
-
Queries information about active data network 1 TTPs 1 IoCs
description
Framework service call
ioc
android.net.IConnectivityManager.getActiveNetworkInfo
Process
com.abc.pmkisanyojna6december2024
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description
Framework API call
ioc
javax.crypto.Cipher.doFinal
Process
com.abc.pmkisanyojna6december2024
Processes
Network
MITRE ATT&CK Mobile v15
Downloads