aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6

Analysis

max time kernel
173s
max time network
126s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
30-06-2024 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6.apk
Size

1.8MB
MD5

af6d8b27181b104634e11dcebe2b35b7
SHA1

acfb9251eae04b2934c7ae467f3c3ec43ec9d8f7
SHA256

aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6
SHA512

65c9d13ae8902e799663a0fec915c5df1a080bfc47a62e28aa6ba446b732bf1d05ba5b4834ac047131799214ae87a5e480151a0430f797af32f5d4db2344644e
SSDEEP

24576:CY1lHIMS6P5yP99hH/9VgESEzUnoUXuvzsy8UZSyLFjozs8FmR9a54V5b7+dHuM0:CY1ZjPkF3/vUoHzsdUQ6FEfFah/Ou7

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4247

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
4e7aa04237ce5845528eed2edad7dd35

SHA1
775a3c03a3b2346d5d0d8fd694b0c5519889cbc7

SHA256
891b156fa3ecc16fda416c6d6360ee41c4b11865bc8c978e2a51fc1838867461

SHA512
36487e95dc44814531dff2d71fd1e6467c29b2becae12d0ee0328b16a4c1eb334327430e36e5628a9347b04dd1c41e77b9b5f46121be1eb50298575d3f38f1f0

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
39dc4ab5edd7e9dcb084bbc04e85e3d7

SHA1
77b9249dfd7b4820727c96523dcfcbcbbbfc6825

SHA256
08270749eae75f8dd6474aa84ab470f21ea8c8fdcf0d7e3581301245fc09a82d

SHA512
a608368807796667513046dfaff3541bc5aadba5deac2293c7c6b1a133c288d1c9d61115b8145a95b4d47f658f9f5a5f8281088f0819bab44b83f2cd74a1971e

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
9e61479c0c7984569c978f3643c2e493

SHA1
d6787785608235b4ee139774464429e7d1e341f4

SHA256
de276f4ea7c2ccfc36618816990dad1200da078ea6f0042fcdf0e9f1e1b731b4

SHA512
45789b1d4abaf6b39566032a33e9061fc05d06e46a73df572292369de30b3fb5e6573d603bcce2024bdc3b0b31ce8480c694e68a03da328522f0bc34572c8b4a

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
1407cbdc694684c5bfbc1d9288ff4e28

SHA1
d9408174841c98f295aaee3a98a56bc25e58a224

SHA256
c0614588af47bc4047a52d9816ada1bea21edc710740b5577199526b8d3a3d8c

SHA512
f8a392889a632ce7f79a4e797587ede5dea2a47e91bb6a96e9d5015bc030d970c70ec1fa766f3e2f4919afa553d607a52fc85b518636cbe71f40004dc1ee05d4

Download Submit