34f27ea17a302b45b64db6ce03b9d284c5b5b812b7901a4081d4e6e2a24cac2c

Analysis

max time kernel
139s
max time network
148s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
03-07-2024 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

34f27ea17a302b45b64db6ce03b9d284c5b5b812b7901a4081d4e6e2a24cac2c.apk
Size

2.0MB
MD5

a164dc94e92ea935cd40918dc712604c
SHA1

1e33f856c70bdda3924ce60b7345e2b7e94a9442
SHA256

34f27ea17a302b45b64db6ce03b9d284c5b5b812b7901a4081d4e6e2a24cac2c
SHA512

60325af75a32fe92374ce9ae998ddb9d94e54a5e26e07763bd8239748404101d15044a2ed577f9c7da3ec092415f5a65fac4dd40555c4e4e303800cbf20ce599
SSDEEP

49152:TY18+RjKP2gMaDKzL1G0pujYvUJenSH0+:CRSVKzL16Uvz2

Score

7^/10

collection credential_access evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 4 TTPs 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

collection evasion credential_access

Processes:

org.zzzz.aaa

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	org.zzzz.aaa
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	org.zzzz.aaa

org.zzzz.aaa
1⤵
- Makes use of the framework's Accessibility service
PID:5005

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.zzzz.aaa/files/profileInstalled
Filesize
24B

MD5
212a9629571b803d9ebdce2743d52f1d

SHA1
3d83896d092903702b410e608e63ee47d4ea426c

SHA256
5a6ed2e42806141b15506401c0a269aa87e00e698f27500dded12c8e912036de

SHA512
5ee3d6874c696b7e7ef44eac1e8a05a704cd56ad8cb4dd1a2ae8d4476b0b22f908b1330049aa6f1d0310a2a5289832f5a16440fcafca57bcb7e2ab4f4d11d5d1

Download Submit
/data/data/org.zzzz.aaa/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
2713fad2006cf8591924b0361baea6b5

SHA1
3fdcbfd2a889853e57390218624df77d6a250b2f

SHA256
634a2bb86ddc581fc05c90db943391da44b9fbb49150a40437d727dcac940c27

SHA512
70241a806e666a14817db7d52bbe0bd217ee443919b1db2d7899aa0584d7f755488f5934efd4a8e8b8b44f31c1b2b808d8e48b998a302b273fc60a5b22fe1ec5

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
1KB

MD5
fc2dd91999a4738081038b9e8b968131

SHA1
2dc1d95421f4a02f8aa319dfd834802121ce773f

SHA256
4c5094084345cca53f7207446630b9859532b255a3a6e37475440fb6bdd263dd

SHA512
9bcf8d84bd7e33335bb8a2fdcc7fec25ceccc3ac506e9cca59a5c71fb018bbb35d37a2ce927cd6ea082c6a23a98fee42c87dbde09ed9dcdc4846c432c4479360

Download Submit
/data/misc/profiles/cur/0/org.zzzz.aaa/primary.prof
Filesize
2KB

MD5
8367586d5c7b23b5b3b9c54f85faf1b2

SHA1
3f3c14172dc1e9fd127aa8e6a44ccb7066461b67

SHA256
bcfb33c57999834ee5970c081359bd7c92834a20a7743615dde03a2d8c93bdd1

SHA512
46015cf6ee514af294fea67ce8a61abca1961666bfb7971f98a75a0246f664597bfbf9058921cfcf8de886f24d779cef723b7c97d4df1a87f96be9400641b1b4

Download Submit