0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8

Resubmissions

14-06-2021 19:17

210614-dz7janzdx6 8

14-06-2021 18:48

210614-6tyympk936 8

Analysis

max time kernel
200746s
max time network
46s
platform
android_x64
resource
android-x64
submitted
14-06-2021 19:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8.apk
Size

1.1MB
MD5

c7f023e73ce2fc19f0f4d4a591c20567
SHA1

9c2d059a280f738fb0c9bfaf65ebced27fc5c7a5
SHA256

0ad737848a03c5c39a08a79f8b871859f7824ee19917deb590deaefeaffd8bc8
SHA512

2f2fedd995625c3f666b8e8ed64d83ecd7ff929aba178e5a08d8b7363d43b2a18b4c0b3e6ad540fdba795a724f47c01a27659003944f458a435247b96b1333c1

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

ioc	pid	process
/product/app/webview/webview.apk	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak
/product/app/webview/webview.apk	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

Reads name of network operator 1 IoCs
Uses Android APIs to discover system information.

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description ioc process

Framework API call android.telephony.TelephonyManager.getNetworkOperatorName iqqgvtb.bcyindziyckutotnchpw.fddgdwak
Reads serial number of SIM 1 IoCs

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description ioc process

Framework API call android.telephony.TelephonyManager.getSimSerialNumber iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getNetworkOperatorName	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSimSerialNumber	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

Uses reflection 4 IoCs

obfuscation

Processes:

iqqgvtb.bcyindziyckutotnchpw.fddgdwak

description	pid	process
Invokes method android.content.Context.bindServiceAsUser	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak
Invokes method android.content.Context.bindServiceAsUser	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak
Invokes method android.content.Context.bindServiceAsUser	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak
Invokes method android.net.Uri.parse	3658	iqqgvtb.bcyindziyckutotnchpw.fddgdwak

iqqgvtb.bcyindziyckutotnchpw.fddgdwak
1⤵
- Loads dropped Dex/Jar
- Reads name of network operator
- Reads serial number of SIM
- Uses reflection
PID:3658

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/.org.chromium.Chromium.rVtZE1

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/GPUCache/index

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/GPUCache/index-dir/temp-index

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Web Data

MD5
dfea4f9a562d22c658ec695eca31ea04

SHA1
2e48be6baf86078d93f14fc38fe9f395c1c54261

SHA256
a01b4f35e09bbcdf9753512d4d3ac0b82c8e2f09e2176fa4a5c2523909795b2b

SHA512
8e0aab3c5f29a8737b4713b4a1622aa71b3574feabfb41a098f1326b80472c3fea053e759036c44df71aee1a8a1e9caf93f17a9eec88ab278062d7ed48907789

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/Web Data-journal

MD5
94f74e05fad1ae8d295ced19abed143c

SHA1
49e8af68d397b8fe4f761af577bf8abeccada64d

SHA256
2d0e2e8554afe01069eadfc31fd50ee9c1c40c62ffbff77725af4752ee19f9fe

SHA512
d85d77c783f6b7e4929767a38754ef5532ad62197a4e41a2040d92256f6cda8bc97621a04b3ffc51cce86d09e99b50fe4b3b834da933e5e19303ec871b0c70c1

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/metrics_guid

MD5
bfbcf5267a0ce9a6b832281c54824063

SHA1
2dd69905023b2b1bd7973349194eeebe4fa1d1d9

SHA256
dd001281694477645ea8fd890caf00ec26ebde14fd9387973b1f4ebdca91cc12

SHA512
a0f5b57a6f9533e3bf849c1d41cb6f860e19ab502d44c6cd267691bfdacbb3071bc04bddd6c6676ef7aab85eb70c53854bb2bc1a49d201c26453697f7c4f4342

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/metrics_guid

MD5
bfbcf5267a0ce9a6b832281c54824063

SHA1
2dd69905023b2b1bd7973349194eeebe4fa1d1d9

SHA256
dd001281694477645ea8fd890caf00ec26ebde14fd9387973b1f4ebdca91cc12

SHA512
a0f5b57a6f9533e3bf849c1d41cb6f860e19ab502d44c6cd267691bfdacbb3071bc04bddd6c6676ef7aab85eb70c53854bb2bc1a49d201c26453697f7c4f4342

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/app_webview/webview_data.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/WebView/Crashpad/settings.dat

MD5
d887d4270f55d3fb8d12402fccf7ce90

SHA1
e0613f9aacaf67174a76113ac001529a3f52f6f0

SHA256
07eff6cfe3aff306c6ae2ac7f992c49023e37aafa18a55a0f71fcef5290f995e

SHA512
ca51a597b24f20732e9a00d14cb17dfb4c4762b867efe5561df02605da27a05e55fdafd3cd97807db2e5a3e618483adc6bf3f57049b8e2b6cf3b33c2556ebc5b

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/org.chromium.android_webview/Code Cache/js/index

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

MD5
485fd0339702fc77d8a5e5ed29d79c50

SHA1
b9c7309734acf817391508804090c01d7b59e2d9

SHA256
6b19c6d02cb0a73bf867b5b76b234aecdcdf7eec632a753e518bc1345966b100

SHA512
6aee79de5cb9c1cec88ddf0f9f68d890785a24281757215d8f293a1eb65349dbf8c490d69a618defd8139a59e544ceee4c466eb4b00346ea8c1c280c32842b48

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/WebViewChromiumPrefs.xml

MD5
1357a1d7af06755d561a7ed916373baf

SHA1
4a0a0d8b4b81bba92924dd7cf53a44d438312729

SHA256
647f3960ac648b24a8d9fa17f93f625437bd6f385636c56f10fefdd9cd447597

SHA512
61f15a595e21cb7cbf0b1a5268da72b39ce767e43195b4b1a607125e6e1d3237aa382cffbeb122bee9111f01a61ed4aebc2bef6fa646891f43154b01c32d05d4

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/bugaga.xml

MD5
cb4ece1152299b784abde7749c0b1473

SHA1
eae5efea073c355756e7b2d9ca4772d9804646be

SHA256
fcfe9e2f737ed70a2e90cc352ca7cbfb68024de371a14127c3192cda02c43b2f

SHA512
bfa2021c08f387ad70af0df49b91ea982d7f3a3cd17772eff01331ee50a0b0b5abf969b9727c6bbdbe37aac8e9ce803e1df650f21cc8950be64465162cf2c24d

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/bugaga.xml

MD5
915e40b10536715e3e212566e48e0e80

SHA1
1511f7804ebb2f9189a68c89fc354c2a71924214

SHA256
bcb238a02390e431ac3b38bafe214f05374eabd80abde2b2bc6aa6ba7932d505

SHA512
1e91b3adf45064f9c0ecdfdde616b2753168ccb09f92e7ae37e1cf12fc498b695daee19cc2185dade3f00270222bb6f47a4ad361f91c30ec2e19180b9af21278

Download Submit
/data/user/0/iqqgvtb.bcyindziyckutotnchpw.fddgdwak/shared_prefs/bugaga.xml

MD5
5c6e3b6e05b732770ecbe53261ba4c04

SHA1
2997ed7cf33e48fcc3b0f8718a4f37f222ba6129

SHA256
2f60e0c91c133f6b2ebbbb00eae7f7194e407a9d5ef338ca70651844f6cd5696

SHA512
3cf640f0ae9ea42521a28593b2f99e8421fcbc77096b0b62b81a46508a49cef9d77118451e8aa834fc031ee5e2cb054a9a9ff47e2efcd1b53cbde08fb1d3578c

Download Submit
/product/app/webview/webview.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/product/app/webview/webview.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit