aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6

Analysis

max time kernel
140s
max time network
145s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
30-06-2024 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6.apk
Size

1.8MB
MD5

af6d8b27181b104634e11dcebe2b35b7
SHA1

acfb9251eae04b2934c7ae467f3c3ec43ec9d8f7
SHA256

aed0c977175c0704b9934a3d80a04120593d71777c2e838b1c47fe7bafcd92f6
SHA512

65c9d13ae8902e799663a0fec915c5df1a080bfc47a62e28aa6ba446b732bf1d05ba5b4834ac047131799214ae87a5e480151a0430f797af32f5d4db2344644e
SSDEEP

24576:CY1lHIMS6P5yP99hH/9VgESEzUnoUXuvzsy8UZSyLFjozs8FmR9a54V5b7+dHuM0:CY1ZjPkF3/vUoHzsdUQ6FEfFah/Ou7

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4939

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
ce740bd526f16953e5743f25376ddbaa

SHA1
2680a523e7217498c3c0c06f75d1cc37a502517e

SHA256
b23d560b22ba3cec807c2b3151931c8506fff92b86993dfcb57a16c05282221e

SHA512
045bb7801dbaff86b4f46db6abdae9fbdca6d827fe4016aedee6e07c78f6371fcb171257299081b75c5e49aef72708b913167b1277c6d466274ee7d0f020a0ed

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
37ba6650d2d64e397f15403b990193d5

SHA1
d764d260d8325a0b76abfd6f8cf953e0d0ca84c8

SHA256
128b43df4a9547b8f84fb3e9566969088e2a7bde5b28dcd068d828307ec19a50

SHA512
774aa5fae63033b0b4125ae1a84a2a31fad7781ff3bfdcbb07e563d4c5ce73b4e4a6b33461c4853341ed468f7c46c3cb1b882bb30a5de84a03d3f559436ac05b

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
9e61479c0c7984569c978f3643c2e493

SHA1
d6787785608235b4ee139774464429e7d1e341f4

SHA256
de276f4ea7c2ccfc36618816990dad1200da078ea6f0042fcdf0e9f1e1b731b4

SHA512
45789b1d4abaf6b39566032a33e9061fc05d06e46a73df572292369de30b3fb5e6573d603bcce2024bdc3b0b31ce8480c694e68a03da328522f0bc34572c8b4a

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
d6d9a1897fbd7eb4fbde24301493fe22

SHA1
2a2b9730a5f1f67bd95192b8d939a9ce6a8b190c

SHA256
ec1648bab0e846c5eb7f25f8df3e836e176c34e0a2d30b50d7c4768c7c952cc2

SHA512
2f36fb6b72286d9accb1a6afdf8b702560b0dda09b1b0f8eafcc06ca964655e6c14d14bd810156a7a326e9dc21f223a53964686a6d4b4649215ac5beb7e90428

Download Submit