d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d

Analysis

max time kernel
140s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
30-06-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d.apk
Size

1.8MB
MD5

be51439499a88c59a614f62bec25f6ba
SHA1

f86b7a0124b871ece97c00b50d552d5045951bf9
SHA256

d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d
SHA512

d36185b6c7c6ca7593c446af2e5549fa16bfe1a83719d90f96e732b6ededc9d95bd018c495fd4590000169ef0e17c13c5943b337ffc7908b3a0f273974ac5e70
SSDEEP

24576:VY1JtfmsTMkxsVcQKLaL/+xh31Zs0qVDfTIqjTsjM1BEc79w2P5GlcOyPzIz2h1p:VY1WsAkquRL+/+L3LqZLItjKdc2B

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
198b7a4e9c971056a9510600ecf3abe8

SHA1
579f4cba84c747e98addd5a342c04008b173f514

SHA256
22d08b12be50d537367565406fb600919941e216692e90e0cf6121cc165d3fc9

SHA512
d953b297ac21882c42d43144934984bb3d825ebf0b9fabd7a50f3d453dab2663da5ed94429563c621d763b7b398f6c694b5a1e119c24c4f01c140315d21d9a86

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
19dddc1137faa31563138cb9beafc7a2

SHA1
f4f6d37429eab876f50f85f2f62ae6dc4725937f

SHA256
1695369f2c986596f8c5515bba028970edbeccaedfa9cfa0178a2c277fef3d2b

SHA512
6f41f715ab617edc88d8f058f624287d76e859b46d5c6a27ecff3cf204437f88f90e809d25375f7564347ac6f20813c366035fd842e476735d46d96e2758e5fc

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
30e8f9f0d065da376c5f929b00d66d99

SHA1
30e1cf6db1af33a5179c7c2bd00ee5f3e1176433

SHA256
6f1a126d9dc2045a00e1b20c233ca64d1d86bea7c005f01392d9cd8ad9aa53ce

SHA512
d5c0489bb984bc30ff90fc2455d2cb39b7c202d9f2c615ab2acc8198225b3339e117310f417a5830a363087b63b1c84515a7148ff94b0e5136bd61014ed3ee52

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
7a0f3957e7af4d671e20dc8a7208bf57

SHA1
705292df936e5135b2ce3def1406f678c6db42e2

SHA256
9af0d99345de6731264c0e67397b1b131edb72beb08ed25fbaccea1094d847bf

SHA512
bf6c780de9abeacc771e4073dac8ddd0ab8723098f8d4304300a4b2c740529a078027e2a966831a4901cfb89e6f3f2d21bff5aca11897e7f708b908fd1a68206

Download Submit