0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8

Resubmissions

14-06-2021 19:17

210614-dz7janzdx6 8

14-06-2021 18:48

210614-6tyympk936 8

Analysis

max time kernel
198930s
max time network
163s
platform
android_x64
resource
android-x64-arm64
submitted
14-06-2021 18:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8.apk
Size

1.1MB
MD5

c7f023e73ce2fc19f0f4d4a591c20567
SHA1

9c2d059a280f738fb0c9bfaf65ebced27fc5c7a5
SHA256

0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8
SHA512

2f2fedd995625c3f666b8e8ed64d83ecd7ff929aba178e5a08d8b7363d43b2a18b4c0b3e6ad540fdba795a724f47c01a27659003944f458a435247b96b1333c1

Score

7^/10

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description ioc process

Accessed system property key: ro.product.model iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description	ioc	process
Accessed system property	key: ro.product.model	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

ioc	pid	process
/product/app/TrichromeLibrary/TrichromeLibrary.apk	4139	iqqgvtb.bcyindziyckutotnchpw.fddgdwak
/product/app/TrichromeLibrary/TrichromeLibrary.apk	4139	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

Reads serial number of SIM 1 IoCs

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description ioc process

Framework API call android.telephony.TelephonyManager.getSimSerialNumber iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSimSerialNumber	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

iqqgvtb.bcyindziyckutotnchpw.fddgdwak
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Reads serial number of SIM
PID:4139

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/.com.google.Chrome.YOcpqr

MD5
8b0b3a31ef77337ac706dfb20ca19e4b

SHA1
d609b57a26641c5183e7c0cf19b315228a54fccf

SHA256
ca0f2aad28e20ace913174a96d8955b4d34de706f31a83b23ac6763e96120acf

SHA512
64a3da672441e11beffa5715681152fcfb68af3eafea2626ef5281642f45769bd702327dc62cec325c068818732c5eb0941b91d0a48ff0462ad18d253dda93fc

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Default/GPUCache/index

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Default/GPUCache/index-dir/temp-index

MD5
fccec49ae7a9bb2aef9723a797740053

SHA1
53f184d6f8c26e2817ed4fa8fc9833afe41990c8

SHA256
0c7ee185fbf8c537843446c90fc983f482de1d6568f344887df72deff75faa13

SHA512
20bff8702fd049c6c3e30d90d5239c209f8522de121a60c188a31b4ceba6830abb768f1eb5ec7607070e0d2e4bfe06e4fd5b47d2f0d9eff724ca7cc4c443082a

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Default/Web Data

MD5
536e58581641e767a8bf8eca3b8cde9e

SHA1
750a88189322e36147068f1c585f02163ff3a388

SHA256
3ba04fa6622801be4e625176b175ff75caf19c8966c13418bf1433433eefa1a0

SHA512
498da0911c702bc683cf153ce9b66044642378eafb79bffe0afd7f7460bd12a4c9bb424e1606550d8bbfb25dede34b5ad6ad1f7ee698c8d5ff67208625612319

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Default/Web Data-journal

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/webview_data.lock

MD5
86ce7fd177a9475642ef9a8b7ea4f390

SHA1
3152abc2d84f23ead59e06b877d303fbe4a6c7f6

SHA256
85b0a964950f80500cbdf9c432f8fd3b6e738f4840cf97cfb4455bbb551988e4

SHA512
6acd285230711ab1651a8c556f21b9e8108a36ee9d3468665086e013bc6c8f48de3f0339c98a2f9fc1df12c7ed46065cbdd663b527eac4f047a5133d8b655265

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Crashpad/settings.dat

MD5
54e9fc9c7119b7523dfdde0775d66f9e

SHA1
ad2a11e7cbba7dae43f78feb3674b25ee7b8e742

SHA256
63d196aa279c704b7e53e6b8845afb33ba695a2271f510a09b10b2a95b95494b

SHA512
0afa50aac0fef64974f47e13d16491e7cb32cda64ec6003f52b4453692c225b52697b830d48d95c1959a9e66268f5434766723d590d8d2a77e6d03c07bc31201

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Default/HTTP Cache/Code Cache/js/index

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/font_unique_name_table.pb

MD5
b18833d483828180924a6d4048fca1a0

SHA1
d7edde78cc26221c9455a87ca3eca8960b6673a8

SHA256
d9c4ea0a7c399884f8a908a33a4d675a64b557b50916e62ab96fa2213e6d4801

SHA512
11e6bf7e067884138dcd6908e311321a9eca1e4926323f49736f9dfdebd4b548064beacc356f78e3f32a99769109b154e145ef1162e6a9547aca878f0dd4ee7c

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/WebViewChromiumPrefs.xml

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/bugaga.xml

MD5
99b4501719f9c1e0783348fc5a05e14c

SHA1
035f13b0d93be2ea561afaed71957b88b9aadaa2

SHA256
eb7e881e0eb71deb538336fef467942573b8fa243af6742dc4daaa75b4e0c7d1

SHA512
16cbc1894958fa463a85c6cfc5ad8f2fe350c5241a2a6cbad61d5b2c2a1d784fab846f2a384092b0418c0032c0b4866acdc0ee2c0dd4caa6626a56906152b1d2

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/bugaga.xml

MD5
8e55ae04f759799d07701a4a273cb272

SHA1
833e89c7ee759bef1a0e5ffe12f2df84605f40aa

SHA256
6ec821dc416a674e8797778fc5d6caa7401d56c2c247017680675e7bf64f750a

SHA512
5377e8b83be0963b3a1eeb0ec485cf6b069cdb34a6d04bc3fd5ba2394258a2856b112b2a0e9abd9fbaaa34e40c078d08ea7bb81579720992b2feb0abd3bd7bf5

Download Submit
/product/app/TrichromeLibrary/TrichromeLibrary.apk

MD5
39528daeaf7245ec0be5c52098c44a95

SHA1
e10152848a684f53e9dc35c38d99ff0add509227

SHA256
4d59ccc291c4f9a6170a14baa457d50111354c8ee389043b6b40b08092da835b

SHA512
fa5ea98f323a05d2da2934021cd42f3791cb9c11a391ff0d026bf66a1af48f008c465f8eaa1580949c125cb758b16f47efece125919bda440876dbb843dc3e09

Download Submit
/product/app/TrichromeLibrary/TrichromeLibrary.apk

MD5
39528daeaf7245ec0be5c52098c44a95

SHA1
e10152848a684f53e9dc35c38d99ff0add509227

SHA256
4d59ccc291c4f9a6170a14baa457d50111354c8ee389043b6b40b08092da835b

SHA512
fa5ea98f323a05d2da2934021cd42f3791cb9c11a391ff0d026bf66a1af48f008c465f8eaa1580949c125cb758b16f47efece125919bda440876dbb843dc3e09

Download Submit