d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d

Analysis

max time kernel
137s
max time network
135s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
30-06-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d.apk
Size

1.8MB
MD5

be51439499a88c59a614f62bec25f6ba
SHA1

f86b7a0124b871ece97c00b50d552d5045951bf9
SHA256

d9df98e040b3c9539961518ca58d10377b9debd204a81d17e18dc5a44bec843d
SHA512

d36185b6c7c6ca7593c446af2e5549fa16bfe1a83719d90f96e732b6ededc9d95bd018c495fd4590000169ef0e17c13c5943b337ffc7908b3a0f273974ac5e70
SSDEEP

24576:VY1JtfmsTMkxsVcQKLaL/+xh31Zs0qVDfTIqjTsjM1BEc79w2P5GlcOyPzIz2h1p:VY1WsAkquRL+/+L3LqZLItjKdc2B

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
76af94e7f400150caac3bb69a87bbdda

SHA1
dc16802b06121c8d81dd97eb53ed6e78080a48de

SHA256
5810a0a49486e0b9772a54cf201a7b06208056db02215806ed4d5e30c46ef6be

SHA512
8fcaade40dc797135bbe2400fc91ac3009c42e93fb72ef4e30d5ecbf42177f8b1f2cb7bffb50993ae67b8bdebc6a8e504831ba19e64bacd0ccc5cc9b081f4221

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
56fa34a699abfd2dbb0d02068d707cf4

SHA1
78c5ac413696b007990d308897c8a9a4ef66c532

SHA256
921f0e0e8b35a3c346892da5698ea87f92e5d1bf5dbb370737e25fdef8d96c81

SHA512
ae3177a9b2857a7f5d5ba23f9464b88ebd7299ced64f8889ca30975a752285cc0c442a1f2e04d98c7f31e42d200c8bede008f8ceb15ad388822136f3513dce8a

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
30e8f9f0d065da376c5f929b00d66d99

SHA1
30e1cf6db1af33a5179c7c2bd00ee5f3e1176433

SHA256
6f1a126d9dc2045a00e1b20c233ca64d1d86bea7c005f01392d9cd8ad9aa53ce

SHA512
d5c0489bb984bc30ff90fc2455d2cb39b7c202d9f2c615ab2acc8198225b3339e117310f417a5830a363087b63b1c84515a7148ff94b0e5136bd61014ed3ee52

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
0d6fae29801b1575d8389f7f74cc4c75

SHA1
c08409167f57d26259da9ca9db0d712cb171e1d9

SHA256
9cfe62845aa6201721795fd31e74b1d43a62e655b4db767b88def55e6e6f9d6e

SHA512
aa7ef23dd831965f40de1c8fbddcfdf220d6996e094870edffe6317245ff4a957816aabce8b92b90e14b034cb85ee2bef0e60f833be178bcf9e83f47c87c835a

Download Submit