62edd681bc2ca0192ad1290ff14a65a507418df74e07ebcc2222432847b1ee24

Analysis

max time kernel
127s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
30-06-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

62edd681bc2ca0192ad1290ff14a65a507418df74e07ebcc2222432847b1ee24.apk
Size

1.8MB
MD5

1c12d0bca98b75364a883aad0e537be2
SHA1

599d2ec3e9716e182e930c91d685c83ab911cfd5
SHA256

62edd681bc2ca0192ad1290ff14a65a507418df74e07ebcc2222432847b1ee24
SHA512

0685c3391e9dc7d503ce43fabbe4a9883a2416a62c35e8d38ddcd086078a62da2b05aba3009c23292831a89a4094daeb1fafe9297cddbfbef85f9be5044e04ce
SSDEEP

49152:UY1K80SgiuWt0QAUAyD5SRtIlzFvb0Auh:YZS3t0n94SMlzFIAk

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:4255

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
4a53a3b830d5a7913d95ece362cf1e68

SHA1
e9667e519f961ef20b829ad2c7545f14ee1919aa

SHA256
d5f2fc0178c5b489e16467b21f4c2a02f605f1167b3f23f9d98c64b99a1a8d28

SHA512
b9e8b44dd7ead3ef2e2115a2b43cf4a773d33096b7f44a4513307a587e25f2be852b1a12f8d5ad8737a1958f6fc7ff98f7f233b26fc9d73106358914cdb8879b

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
a8e635c7f8ca924dec85e2a9541fdb76

SHA1
c9667d3fbacf52113377e5b886656d165c257702

SHA256
ac5d832feb507041c5ee431ba81bf5de24cd46ed36f06fcdea0924a45c529c86

SHA512
9d764c0698906cd4e2389a7cc46ef1bfe2df60efc23432ecd14b2e83fb3290c710e16c44e87189ca0954b3a14625aee4855e1ecef66c8eedf2b53d40f99a3636

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
185e15460b52cadea98c630f25a806d5

SHA1
2425571ee6b4bc8935986dd144ff1ab93eaea513

SHA256
c1880c0160d9d693ce0e561ffc732a839b68af08b7ae1ac07f9bce2be6c4c019

SHA512
18ab22132d95c9f99c2071e9de6a17591270c5caf4e0b12415740b26c227f291ff0a440a3583b25272e87b1c21a9ed9e9fd90bb04db2515420562a525c5a9c05

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
f22490ca71f1e1712eff9c630e17d909

SHA1
eb62c01f66bdbb02de515728cbb5c23a1f94a987

SHA256
e3889451646f3b4998699ebbcd85e03a1780efe23aebdaaf2ed1822c55e1830c

SHA512
a33833ea38ced42c7595bedcc976da699493c801916af98b24efe646f3592ac01ea8c8e435d57ffd06a5a9dc85f7d1f11fa8535ef0d6c79ccac8767136cad22b

Download Submit