f618d0e75f13ecc40d50df8f4d83bffe96fb84e5bd89cd77ecf5d880af9cbeed

General

Target

f618d0e75f13ecc40d50df8f4d83bffe96fb84e5bd89cd77ecf5d880af9cbeed.apk
Size

4.2MB
MD5

b4a4ccc97b038bfce458d1fd956e1964
SHA1

6a558e9c7d21052197a50199aedb9f4697319e28
SHA256

f618d0e75f13ecc40d50df8f4d83bffe96fb84e5bd89cd77ecf5d880af9cbeed
SHA512

fce23308d08b3c39ff6466cbaee55b70008966282e603fb5c041dc4a6b02e0afa9e2b6e9730ed5e5d17658fb4696c04eb31b7c4d99b00b3c92719bad93b38eb2

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.nrugjflwpo

ioc pid process

/data/user/0/com.nrugjflwpo/cache/payload.jar 4087 com.nrugjflwpo

ioc	pid	process
/data/user/0/com.nrugjflwpo/cache/payload.jar	4087	com.nrugjflwpo

Uses reflection 8 IoCs

obfuscation

Processes:

com.nrugjflwpo

description	pid	process
Invokes method dalvik.system.CloseGuard.get	4087	com.nrugjflwpo
Invokes method dalvik.system.CloseGuard.open	4087	com.nrugjflwpo
Invokes method com.android.org.conscrypt.ConscryptEngineSocket.setUseSessionTickets	4087	com.nrugjflwpo
Invokes method com.android.org.conscrypt.ConscryptEngineSocket.setHostname	4087	com.nrugjflwpo
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.setAlpnProtocols	4087	com.nrugjflwpo
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol	4087	com.nrugjflwpo
Invokes method dalvik.system.CloseGuard.get	4087	com.nrugjflwpo
Invokes method dalvik.system.CloseGuard.open	4087	com.nrugjflwpo

com.nrugjflwpo
1⤵
- Loads dropped Dex/Jar
- Uses reflection
PID:4087

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.nrugjflwpo/cache/libclb.so
MD5
e0815799a4c2d1038c7ae4ccedbf0b55

SHA1
7e2022976f357374af3ec3e4745d89cf02d59bf7

SHA256
97d4d58ddf63c6dce11d180c7d7edf8450037ce2554e09ce1e67e6f898b8cb47

SHA512
0077998761251f1105a533cec67ec6411ca48bf7a23246c76d6df751077971821a79e9a37ddd436f47bfa8863c5fe2a6b3e7af8874e04efbfc2d46ed11fb25f3

Download Submit
/data/user/0/com.nrugjflwpo/cache/oat/payload.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.nrugjflwpo/cache/payload.jar
MD5
08525e1fe3bcf9a1408c2c5d306cabf7

SHA1
dfc38e8569159fa6759a9af405a6f8a88cbbfe73

SHA256
5b4c85ee55b860c23b7693066a634adaae47497fe1acd825607e22050b680164

SHA512
267a72c8d0a8e8103df1bbc52aaa032fbc067a71a91e4c3212d3b107d9dd39c5d85c7c63960052b2f9692a0713ac0d1368f278e7777adf7f7851b4f5246881d9

Download Submit
/data/user/0/com.nrugjflwpo/cache/payload.jar
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.nrugjflwpo/shared_prefs/71a0c66199f41241da08ac0b2083c22d.xml
MD5
ada20f3525386493b80b312c0c21a846

SHA1
9aa3bff362190b420861c82ea16215d80c15eba2

SHA256
5769ac0f59178f12469d7a1caf814c5c1dcbc2b7008064960979957ad22ebc03

SHA512
d282b2527d90f93cf373f0cd1c62dd7a8ddb20a698d01d0159d0f5bb451542db52bf3da1ea063b2356c2af4aee5e2120e6136ead5dacc3be31c38b8b8e41902d

Download Submit
/data/user/0/com.nrugjflwpo/shared_prefs/71a0c66199f41241da08ac0b2083c22d.xml
MD5
9800f55226c9b10718b42faf6de407bb

SHA1
ee6dcc04d490187ca33a342645932ff9c3c752e6

SHA256
81486bdac9b8363441bf8e0138f8154c2316bd8e33a9dc3a7745a71cdb783e84

SHA512
47136bdc497c3caac23c1dec8f48a6eb7112681d322f2181ecd72b3867d1f0bb5483664003bf5c3bc50252513724cbf15d2735e1af75a5542c6511217a4d02c2

Download Submit
/data/user/0/com.nrugjflwpo/shared_prefs/71a0c66199f41241da08ac0b2083c22d.xml
MD5
d42bdb74135c57cbb779984bc36b08d2

SHA1
c466a646456308d6f2b76fbcd3975967d88eace5

SHA256
5e33f0f77a3a11f4b007cb0576b3495becad2d09af32060ddbb3fb891406f567

SHA512
556b3ff018c027ae8d4870a6fc7426ef7060aee36c49a1138d7d272c8ff556f732b5d5f3819cd6b984e1d479f9ff915c200b81ec7ce653ed00b39ed02aa4a2de

Download Submit
/storage/emulated/0/Android/data/com.nrugjflwpo/files/uu.dd
MD5
4a46be8e14bcd1722b85c404358600bc

SHA1
7b557acb63069d4d4ffe07809dde30170f369a04

SHA256
db8eb14d92a8ea481004867fc723512b3d5ae91de510c6952b21d84417d1dcd2

SHA512
84d9cbb651069e281e8b083adba4acc36afdf30938f9bc6e61b7e3abd0db6857f787a2252d94327a975d689259062b43fbb27771b124e8cc842390acee5f0ef3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads