Analysis
max time kernel: 1435796s
max time network: 156s
platform: android_x64
resource: android-x64
submitted: 29-06-2021 02:23
Static task: static1
Behavioral task: behavioral1
Sample: ibk.apk
Resource: android-x64
General
Target: ibk.apk
Size: 7.3MB
MD5: 2237e4ac4e2bc5d7c0454321a621dc88
SHA1: 952fedeed6f8ad4670319bb3bc3477f6fe5927f0
SHA256: f76f91b69d7437f98999a301b9173ad3b39c7660ad62c3a5b02ee0f5694a64ef
SHA512: 4f2d856a093ced08f127e0c8f12b9fbc2f174afcabd6822b7661c21ee70855fb1aaf91adb4dfb71b06d835207100c6bc67f554ec7c57bc1d5302d266f3358bef
Signatures

Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
Processes: net.fourtwentyfive.tek.views202106089
  ioc | pid | process
  /product/app/webview/webview.apk | 3576 | net.fourtwentyfive.tek.views202106089
  /product/app/webview/webview.apk | 3576 | net.fourtwentyfive.tek.views202106089

Reads name of network operator (1 IoCs)
Uses Android APIs to discover system information.
Processes: net.fourtwentyfive.tek.views202106089
  description | ioc | process
  Framework API call | android.telephony.TelephonyManager.getNetworkOperatorName | net.fourtwentyfive.tek.views202106089

Reads serial number of SIM (1 IoCs)
Processes: net.fourtwentyfive.tek.views202106089
  description | ioc | process
  Framework API call | android.telephony.TelephonyManager.getSimSerialNumber | net.fourtwentyfive.tek.views202106089

Uses reflection (2 IoCs)
Processes: net.fourtwentyfive.tek.views202106089
  description | pid | process
  Invokes method android.content.Context.bindServiceAsUser | 3576 | net.fourtwentyfive.tek.views202106089
  Invokes method android.content.Context.bindServiceAsUser | 3576 | net.fourtwentyfive.tek.views202106089

Downloads
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/Web Data
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/Web Data-journal
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/metrics_guid
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/variations_seed_new
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/variations_stamp
/data/user/0/net.fourtwentyfive.tek.views202106089/app_webview/webview_data.lock
/data/user/0/net.fourtwentyfive.tek.views202106089/cache/WebView/Crashpad/settings.dat
/data/user/0/net.fourtwentyfive.tek.views202106089/cache/org.chromium.android_webview/Code Cache/js/index
/data/user/0/net.fourtwentyfive.tek.views202106089/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
/data/user/0/net.fourtwentyfive.tek.views202106089/databases/db.db
/data/user/0/net.fourtwentyfive.tek.views202106089/databases/db.db-journal
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/WebViewChromiumPrefs.xml
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/com.google.android.gms.measurement.prefs.xml
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/config.xml
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/defaultDialer.xml
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/isFistInstall.xml
/data/user/0/net.fourtwentyfive.tek.views202106089/shared_prefs/networkType.xml
/product/app/webview/webview.apk