ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b

Analysis

max time kernel
140s
max time network
131s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
29-06-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b.apk
Size

1.8MB
MD5

19f1f17702ef1144959fa26b5b0f4468
SHA1

6084e55d660218159824aeeee8dd5958c5d57edf
SHA256

ba5a2e2f4397cd8d420fb8a6213747a8fe56476b1f3eab95571e58864a04c09b
SHA512

2a486335b23586e3d09495822662dd81fe03f08aca6b816eed8e6442339b5f768bef255e3e526bffab76e8f3cc016f7170fa69b08646acf457b08dcabf0ceb21
SSDEEP

49152:LY1NHvuVwrLOhxmy01diL4tHN4JgAaG9FwzmpuT:oHvuVkihwyadN+aG9FzpQ

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5059

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
29e32e6bb41c2a06d999d32ffab1f648

SHA1
913d0e6843d7e1ce742687adede488fc618152ab

SHA256
ed7464ea3dc20ac469f8b067e4ea567fff43befc6d8a77e84049cdc701515b7a

SHA512
ad77d6e187e08431eaf149e1b2d69b2135394d25ec120df5591e7fe7cabd9e719460aac8f248c237b8f393df97c6484b122be4c715197c07d33fbc366f82a1bc

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
70fddc2550284055180c44218c710389

SHA1
0a44118e46a11e522bcb4031bedf96c7c95009a6

SHA256
6633242ad07ec44aff60f378bcb37c4d80e8ec1f836f194d8ec54d0360fd9662

SHA512
17236f8207bb20e461db09f49619a6129074ea454b12c496f73a5106c90f96d3b44ae41f1d06d6a0170041e2368d2fe06b586adb940e0ab58aa4a810cabd519c

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
40a0ece232cbd40bc6cf78d1750f38e9

SHA1
8cf340da7992d92185e1e3419cf7dc12fc10fda3

SHA256
904c69fe49e0328704786de5d22332c19ebeaaf223f43979c1a0b95f7008b4e1

SHA512
913bfe02938abf3d52bd74e236f4fcd27c2e3dacdf25b55b49f9c130be18f6a1e22341a1924140f24331fcfca20a028a088da8fb6318ae50409b97f08376d383

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
3fccb3003ebbb583053c4c89c5d41f20

SHA1
785367394f2931fb31eb3df2a67bfad0b52e16d9

SHA256
c2a15804ebb1de90674fd58678349c95af540140a4ac8dcacab434467a23eb0c

SHA512
a8fc9d041700403c75e25a5ff9e620e06487d11841c9103ba2848aab41e67b0aa02b4ba4d0c29002d045903cf1fff5724cd12080f095759a832de65d851f48ea

Download Submit