Analysis
max time kernel: 47s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 30-06-2024 22:00
Static task: static1
Behavioral task: behavioral1
  Sample: 0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c.apk
  Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
  Sample: 0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c.apk
  Resource: android-x64-20240624-en
Behavioral task: behavioral3
  Sample: 0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c.apk
  Resource: android-x64-arm64-20240624-en
General
Target: 0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c.apk
Size: 2.9MB
Malware Config
Signatures
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: kyc.pk.rblbanknew
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: kyc.pk.rblbanknew
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: kyc.pk.rblbanknew
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: kyc.pk.rblbanknew
- Checks CPU information (2 TTPs, 1 IoCs)
- Checks memory information (2 TTPs, 1 IoCs)
Downloads
- /data/data/kyc.pk.rblbanknew/files/profileInstalled
  Filesize: 24B
- /data/data/kyc.pk.rblbanknew/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
  Filesize: 8B
- /data/misc/profiles/cur/0/kyc.pk.rblbanknew/primary.prof
  Filesize: 1KB
- /data/misc/profiles/cur/0/kyc.pk.rblbanknew/primary.prof
  Filesize: 3KB