Overview

overview

10

Static

static

10

Bank Of Ma...n .apk

android-9-x86

1

Bank Of Ma...n .apk

android-10-x64

1

Bank Of Ma...n .apk

android-11-x64

1

base.apk

android-9-x86

7

base.apk

android-11-x64

7

Analysis

  • max time kernel
    6s
  • max time network
    150s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    31/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    base.apk

  • Size

    9.7MB

  • MD5

    1897e95e7c55f3a3677228ad14420940

  • SHA1

    f6032a14df0b3aedbd68807a344219b13955b775

  • SHA256

    f2ed4cb875591cbaf9d0bd41c0b5c0c3ab958939dca07d4f9ec709b0f5d040dd

  • SHA512

    e64a0736210bc2fb5224f5c34fc51b074038d6b3dda8377bf8229d58f12dbb95aa2c7b832fc0da68a94ec0620e1b70eaec93f0301c4a09319211411abb2ee250

  • SSDEEP

    196608:5aXKxoChLzu1HQSBqLqUyb+G+TEbxYuyof0fCYuBGIQcdlcn:ieowYHr/bWEdYXe0uBGIQ6cn

Score
7/10
bankerdefense_evasiondiscoveryimpactpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries the phone number (MSISDN for GSM devices) 1 TTPs
    discovery
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    defense_evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.abc.a1march2025bankofmaharashtra
    1⤵
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4298

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.abc.a1march2025bankofmaharashtra/files/PersistedInstallation1892384598252654416tmp
    Filesize

    90B

    MD5

    c501523a2c9659ebd8b98e28d891d968

    SHA1

    db43ef0a823c1d16cfb29a5f323894819980c782

    SHA256

    5c1b8938594f5936ef46c03db00f8e30dffba85bd48a3ec522f9e3004a7edffe

    SHA512

    40e68fbec2cc7879810ed6c26da4c9f6d2254141f4080160d719a0345f20265824863bb725ec0e914e1f585fc480b2fb421c72710ba72ae32763b4a68ba2f2c0

    Download Submit

  • /data/data/com.abc.a1march2025bankofmaharashtra/files/PersistedInstallation3672050437698970031tmp
    Filesize

    569B

    MD5

    de8a8308e0088858ca1e1e794144f00f

    SHA1

    b634b4b3d3379bbe69fd646b8ea6f8754635f2bc

    SHA256

    cb619e929aa8d994b07553d561a0f7a72ca6e35a6515b485a63842c1769c6801

    SHA512

    229fa82c74c4678c2807caa563d0c9258be95edc3cf4d6d007ff183e9fb9436515d27890e23d7234eff5d748e1e4821dd874b46d250637094800d4ad6e57af16

    Download Submit

  • /data/data/com.abc.a1march2025bankofmaharashtra/files/profileInstalled
    Filesize

    24B

    MD5

    8816b42d55dd5cb05707abfbb749e2c6

    SHA1

    868696c80a8b36821ea34fd20484177d72434420

    SHA256

    f6e58387960997ecdcff7b5acbedd2186880ef77834337c4892fb28042bf22e3

    SHA512

    c75b2c4728dfd534dde12525b2f142e41e312fef3ae1ec3ef912dd4e4db1f0590f85781b43e0959adcbd9c84d5007b31c55ba1cab6290940b1945652ac7779c1

    Download Submit

  • /data/data/com.abc.a1march2025bankofmaharashtra/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫
    Filesize

    2.6MB

    MD5

    56af653a1167dee85cccb63e50196653

    SHA1

    844c41a452d07cd06b4f6e08e29525984052e48b

    SHA256

    7db334d7f96965e34833db559a295d1f03cc66d7c65712564ac260ff349156ff

    SHA512

    cd83f581f95a2f4f7cd43d1c55f712e1bcd68755e82cd6f79683084ddee8fbbcee266494a2639e494b82d0f3e6aab4d0d79fbeefb5dc43187f64a978d9b7c3ca

    Download Submit

  • /data/data/com.abc.a1march2025bankofmaharashtra/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫/ۦۖ۫.
    Filesize

    8B

    MD5

    4fd360accc599e62d0a022e1d879419d

    SHA1

    f1c590d31d146162dd657e3bcb6797e63cc21c68

    SHA256

    d75d49c645c11dcf8a8e562ab992ba6dfe15a2564ab4a11c6bcd4aa8b1702c52

    SHA512

    daad74474e76c10e103cdadf0e85c60195c617d04fadee5ec06592f24644b843cedcd209d42377ca66a0dc726919058c3e9623f1b8de92c43a7db581a3be7ab3

    Download Submit