ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b

Analysis

max time kernel
151s
max time network
154s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
29-06-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b.apk
Size

1.8MB
MD5

19f1f17702ef1144959fa26b5b0f4468
SHA1

6084e55d660218159824aeeee8dd5958c5d57edf
SHA256

ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b
SHA512

2a486335b23586e3d09495822662dd81fe03f08aca6b816eed8e6442339b5f768bef255e3e526bffab76e8f3cc016f7170fa69b08646acf457b08dcabf0ceb21
SSDEEP

49152:LY1NHvuVwrLOhxmy01diL4tHN4JgAaG9FwzmpuT:oHvuVkihwyadN+aG9FzpQ

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
bdf3eade7d1519ff0e4f21736555b2ef

SHA1
a3530936d411cc3064afde4306958db06992b131

SHA256
694c70307f8ec6b8b8e7490fc05588781bda48a61233de08af87cd29a8c24cb3

SHA512
e7c0d68a33899facb5580831cd58f88310d124d1679298e65c072c2fce47914d6d668ddb38649d4e81b4dd72fe89bb7e960b82b780d33796d128581f72886c6a

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
8ae9aaab8247408cb11de96e55d4cc5f

SHA1
ab6e9388adb8da78cbf9f9c5aebcf53daf025e0e

SHA256
7ed2a8ce4166e3dcc381c514c68bdda3361c871cde9ef1c5eee96a0970bbd45c

SHA512
5c3cf5d1484844ee80c47f96c0b03a973c8b76c8f98c316e04de4be1fac80341af487a56faa76b6bc3e39971c341b47aeafc0562d761e1b3f24c1d5f6395d696

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
40a0ece232cbd40bc6cf78d1750f38e9

SHA1
8cf340da7992d92185e1e3419cf7dc12fc10fda3

SHA256
904c69fe49e0328704786de5d22332c19ebeaaf223f43979c1a0b95f7008b4e1

SHA512
913bfe02938abf3d52bd74e236f4fcd27c2e3dacdf25b55b49f9c130be18f6a1e22341a1924140f24331fcfca20a028a088da8fb6318ae50409b97f08376d383

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
4c992949791a564e5f4105deb703bb1c

SHA1
c767a25197b6e362672de3d82ab69ee3a012143f

SHA256
f08d67c4e0a011a0bbecd327fef405cce79f0ec24071d5f0965c9b624a66fa79

SHA512
88887db0d7e9d9db9cd6281ae53e03e6da946d41663236c41b24d96af7a4360d78b14d65be8a63d033df2c0b073d17145b4560c8df28c8185502584aba6f504f

Download Submit