0d4b7a8bf35bcd10d324f05c94ed0b9e5367d57d4501d8dd678cc92f7c9073ca

Analysis

max time kernel
199274s
max time network
164s
platform
android_x64
resource
android-x64-arm64
submitted
14-06-2021 18:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0d4b7a8bf35bcd10d324f05c94ed0b9e5367d57d4501d8dd678cc92f7c9073ca.apk
Size

603KB
MD5

68dae9b07711e02ef8e588e2f20f9533
SHA1

75cf6e5e15abf75bf68c6ef6b9c44d08ae1f3cd3
SHA256

0d4b7a8bf35bcd10d324f05c94ed0b9e5367d57d4501d8dd678cc92f7c9073ca
SHA512

77d1cb3e07bce13ed69efa57e8b89047c22ce9c08c67868e178a977c495f224042471f40de6a93d769da6a8f00ca3a38804cb88891db039d2c328b49ad295946

Score

7^/10

obfuscation

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

Processes:

com.gammalab.chessopenings

description ioc process

Accessed system property key: ro.product.model com.gammalab.chessopenings

description	ioc	process
Accessed system property	key: ro.product.model	com.gammalab.chessopenings

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.gammalab.chessopenings

ioc	pid	process
/product/app/TrichromeLibrary/TrichromeLibrary.apk	3925	com.gammalab.chessopenings
/product/app/TrichromeLibrary/TrichromeLibrary.apk	3925	com.gammalab.chessopenings

Uses reflection 4 IoCs

obfuscation

Processes:

com.gammalab.chessopenings

description	pid	process
Invokes method dalvik.system.CloseGuard.get	3925	com.gammalab.chessopenings
Invokes method dalvik.system.CloseGuard.open	3925	com.gammalab.chessopenings
Invokes method android.security.NetworkSecurityPolicy.getInstance	3925	com.gammalab.chessopenings
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	3925	com.gammalab.chessopenings

com.gammalab.chessopenings
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses reflection
PID:3925

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.gammalab.chessopenings/app_webview/.com.google.Chrome.6YsexZ
MD5
dfeecd199e1808af0aec9535c796f1be

SHA1
61c41b7488c2b3644ecd46c0cc62e88ed736e8ea

SHA256
1ff454e6f37341c13f22e3b83df836b6a75aaa04d327e4ea8813ecd7ecaeffa3

SHA512
0a69209cc5961015310774d0180a48c2972a26981a545d8d067b6c3e886d1322a8939f51553555a5d06c1acc781c83d7333294fa7225e00a44f55c901ef50ea3

Download Submit
/data/user/0/com.gammalab.chessopenings/app_webview/Default/Web Data
MD5
536e58581641e767a8bf8eca3b8cde9e

SHA1
750a88189322e36147068f1c585f02163ff3a388

SHA256
3ba04fa6622801be4e625176b175ff75caf19c8966c13418bf1433433eefa1a0

SHA512
498da0911c702bc683cf153ce9b66044642378eafb79bffe0afd7f7460bd12a4c9bb424e1606550d8bbfb25dede34b5ad6ad1f7ee698c8d5ff67208625612319

Download Submit
/data/user/0/com.gammalab.chessopenings/app_webview/Default/Web Data-journal
MD5
3ba1c8967618f56fae176807962ad47c

SHA1
e8a21d93e56fa74a5603d99fe6e222606af9e5b0

SHA256
21fdf34fc27e7cc74ee8f956d44e99786c87bfb7c145e3ebd06a4c6ade89ba94

SHA512
f50cc72df4eba69bc9b66ad326c141ca3e14dfbf663aa4b7e2857f85e8c3fb4a3ca35f0451c22967dc15072c78ba047c5f29996b14a26140f875096ea9ca9e47

Download Submit
/data/user/0/com.gammalab.chessopenings/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.gammalab.chessopenings/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.gammalab.chessopenings/app_webview/webview_data.lock
MD5
39eb6470753cb4554df011b21f97007b

SHA1
02ee5a930d424290fe072fa40ef760f1745f18b2

SHA256
8fb41d79eb3446113e4fe3fb732063b082b097bbd4092c964c97a90d5a3035e2

SHA512
867284860640a3561425b24d2326afd0e0652f262cae5747c219109dd1580c82753d58b4ba297a26aad610032f15ba8a96b52983d8ae374517f613d206ad6110

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/Crashpad/settings.dat
MD5
e8def6164a27eb04a1253fdf9e6c2ff9

SHA1
e3363f08356197054108072d03fb266dcc2a0ac6

SHA256
79e0ec3fcff5a9f2ab2404bf04f2f5a1ef99994890625b1e1be7ec6f59b83fbd

SHA512
1c889720e5a9b72f0be98a75ce0b0242346bdaad8d26839b7d0bcb4d46c22e874f86b4b26bf336fd8ac26dd5c7f3c673cc20c9c0e5787ca10ed752bcd37cd66f

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/Default/HTTP Cache/Code Cache/js/index
MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index
MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.gammalab.chessopenings/cache/WebView/font_unique_name_table.pb
MD5
b18833d483828180924a6d4048fca1a0

SHA1
d7edde78cc26221c9455a87ca3eca8960b6673a8

SHA256
d9c4ea0a7c399884f8a908a33a4d675a64b557b50916e62ab96fa2213e6d4801

SHA512
11e6bf7e067884138dcd6908e311321a9eca1e4926323f49736f9dfdebd4b548064beacc356f78e3f32a99769109b154e145ef1162e6a9547aca878f0dd4ee7c

Download Submit
/data/user/0/com.gammalab.chessopenings/files/Config
MD5
27ba19805d52e788ce7ee21d6f82137c

SHA1
36bd2c6b725254b966fb8fef828b4f6f9e41d283

SHA256
c4fb4c4feb09b15b40b6334bccfac10657db63fc94b0043b35cc7173b43993bd

SHA512
c35fe911c13605de5441b5829a925e433bdd8b64c4d076562b07c8d3d6f2ed8bd72273fa7eecb17b946d4ef2584d550d4ac67871822b986f7529c014b0def34c

Download Submit
/data/user/0/com.gammalab.chessopenings/files/Timer
MD5
9cbcf64d2c258023793327a6754eb79c

SHA1
77737788f54e15d23ddbd253e457c8632ba6e1d3

SHA256
60be9c52ad40d315c7a41f3115227d1b982e87372f12c5fbefa3675dcc7baf1b

SHA512
4e3df8bc3d09bb98b2a39716eac364dee54d459d1eebcc572cfc132629965cb686653386311dfe94591f6b86f01a2f97eff021da71da9c4fc18aaa4f023eb208

Download Submit
/data/user/0/com.gammalab.chessopenings/shared_prefs/WebViewChromiumPrefs.xml
MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/product/app/TrichromeLibrary/TrichromeLibrary.apk
MD5
39528daeaf7245ec0be5c52098c44a95

SHA1
e10152848a684f53e9dc35c38d99ff0add509227

SHA256
4d59ccc291c4f9a6170a14baa457d50111354c8ee389043b6b40b08092da835b

SHA512
fa5ea98f323a05d2da2934021cd42f3791cb9c11a391ff0d026bf66a1af48f008c465f8eaa1580949c125cb758b16f47efece125919bda440876dbb843dc3e09

Download Submit
/product/app/TrichromeLibrary/TrichromeLibrary.apk
MD5
39528daeaf7245ec0be5c52098c44a95

SHA1
e10152848a684f53e9dc35c38d99ff0add509227

SHA256
4d59ccc291c4f9a6170a14baa457d50111354c8ee389043b6b40b08092da835b

SHA512
fa5ea98f323a05d2da2934021cd42f3791cb9c11a391ff0d026bf66a1af48f008c465f8eaa1580949c125cb758b16f47efece125919bda440876dbb843dc3e09

Download Submit