17b42ce69c91954e67efe7c4e3c3803a46b165a76f26f1db1d9d0b9fc0e834fc

Analysis

max time kernel
3550715s
max time network
132s
platform
android_x64
resource
android-x64-arm64
submitted
23-07-2021 13:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d257cfde7599f4e20ee08a62053e6b3b936c87d373e6805f0e0c65f1d39ec320.apk
Size

367KB
MD5

4aa966ff0455560a2918b746ada2ed52
SHA1

4984af24225d3356689585399ef5e49553e6436c
SHA256

d257cfde7599f4e20ee08a62053e6b3b936c87d373e6805f0e0c65f1d39ec320
SHA512

e67061519218f5edc241c9458addf51b05a1bd0de604c973756c02018dddb4a893fbebf9ab9a0194b9fc737c7d479c5949b7d3cf7fa444a8bca88853c2d5ebae

Score

8^/10

obfuscation

Malware Config

Signatures

Reads device subscriber ID 1 IoCs
Uses Android APIs to read subscriber ID (IMSI on GSM devices).

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getSubscriberId com.xxGameAssistant.pao
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getCellLocation com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSubscriberId	com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getCellLocation	com.xxGameAssistant.pao

Reads name of network operator 2 IoCs

Uses Android APIs to discover system information.

Processes:

com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getNetworkOperatorName	com.xxGameAssistant.pao
Framework API call	android.telephony.TelephonyManager.getNetworkOperator	com.xxGameAssistant.pao

Reads serial number of SIM 1 IoCs

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getSimSerialNumber com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSimSerialNumber	com.xxGameAssistant.pao

Uses reflection 3 IoCs

obfuscation

Processes:

com.xxGameAssistant.pao

description	pid	process
Invokes method android.os.SystemProperties.get	4067	com.xxGameAssistant.pao
Invokes method android.security.NetworkSecurityPolicy.getInstance	4067	com.xxGameAssistant.pao
Invokes method android.security.NetworkSecurityPolicy.isCleartextTrafficPermitted	4067	com.xxGameAssistant.pao

com.xxGameAssistant.pao
1⤵
- Reads device subscriber ID
- Requests cell location
- Reads name of network operator
- Reads serial number of SIM
- Uses reflection
PID:4067

com.xxGameAssistant.pao
2⤵
PID:5725

com.xxGameAssistant.pao
2⤵
PID:6352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.xxGameAssistant.pao/cache/pao/inject
MD5
23bb1f4e4f35e8489cbab091ad3d6725

SHA1
a2e894a1353b1aa9451cd2ff1bcd06e250d45770

SHA256
856061a1d0868d7ce3aa0d3d12e0c67a9278dc84a826293e3f1af231acfb542b

SHA512
d620f253b3478ce242e0d75849639637856f6cba9d8ab5e8e97a938a46935025583f1186edc630e5bfe1a32296b136352d31481824ed2d5b19de5c0df7f4fa06

Download Submit
/data/user/0/com.xxGameAssistant.pao/cache/pao/libghost.so
MD5
80892c5e7b60fcef1a004f1abc71d37f

SHA1
5a669700f36e28045c9b653d07b5936790cc83ef

SHA256
911c6166ef4bbbf2fb1da593301cccac94f55c5267882640afcf55ce40add3bc

SHA512
16d5c8dcf253c2ba2725b6b3d029fdb5e7cd98c12547add2380d01ba01410b0923a23256936e2da4cf79d0cba2d4a3cdfd2fc55df0436aceaaf2bb5d2f96c35c

Download Submit
/data/user/0/com.xxGameAssistant.pao/cache/pao/libhook.so
MD5
4b6f2a8be69f4fa2875565cfe8069451

SHA1
9c764b795126a6f00f13370215fe0686db9aa1bc

SHA256
a8911919780d496276a0cc00528ad24f9d22952af4da34fc120e59302b618a06

SHA512
d9b69b6f21215062f1d361a4a5947120fdb1cf5c4b0939e1551f5394ba42dd9b24f3ddc90c79e55dce5c52efdde782bb9260ad2cbc3f96aac949d159ae07c063

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db
MD5
cb5cd2285eebf12ae8f5cf987ed06210

SHA1
0f0504b15cd9b234f208b8d4647756156634a741

SHA256
14e8337d520c04757d9e07eea0d496d1d64abcd4327cfcb2caa5f7023e88d2e8

SHA512
d54f029b831f376050956e7c01b14384c58a7085068d498622df6be63dbaabc9d01f43a75bed3c70e24248e9cac0387417314aac802c3498559380e6ce1747d6

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-journal
MD5
b008a1d41a3ec9c47142117a5e5aedf9

SHA1
9af9d61d62bd8c08c002abf3088149ede152c808

SHA256
b6c1d3724b960c6cda4831606d03c546bf604c492fa7878137bf3ff45b09b63d

SHA512
46a0f3280b2550817e625ec713101c2702a974edd8f5fb962c71aa6688fde401fa95336a15b06b95af0d450bd83af72c3f12a9a8e38d906a82aef66fc94f8d77

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
e55140a2e8fac91a5cf157456780c187

SHA1
b9979fe6e3e80aec6542e48b0a707a4ce1ea55de

SHA256
fced2d4c1f6a64757a8455d7aeae4537149e9099d22076c377df8dd38886b108

SHA512
492c5722b57aad9f7fd499d5afdb4ee0f006faa75a7b87964dc9d1e51b11bf53c6088342bbfebe2b47506ebd54693b0d709720234d26cce0a9ce2a7c50a0ec08

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
e4cc82e485aabd08b5486c3ab5f0b084

SHA1
2dc2e9b17fbc2b3b1ccfcec4e91b46b7cef17286

SHA256
915421084539d2740eaf18c9af2d55cf5e66d31590ad53c91376e0a1bbfad7db

SHA512
f202a1caafc37a087343c8f3f1d4f61e01e20289ffe5838275aa54343e00ca20076e64eb0810ff8b61e0bcb72d0128b302b91e833d117cb5bf88317aa0e49de8

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
45a7880f729ea4c3baa478be2c6f9709

SHA1
d267653849ff21d469a2c09e2c725a8e10d21943

SHA256
c3dda28e749bf57fa4df5de5daa7818c6a565d9c3efd897f004d833640bda4f4

SHA512
3e3da83b6f4a10258d987f88b9552f108d07117f2adb630d0adfee34de3852979ecc0522857c4bc1186f9cf3e867750c20a4752d3f5167995cafc73425cd9df9

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
7e7f05f5e9d9024085eb7a570b52b554

SHA1
d518da0cfd4ea1b1dcbc1ef430a1266cf1526840

SHA256
383203120d9a4c89fcf97edfe702d24e0f089da1fad9971a7c912fd294fb43f9

SHA512
a3f89fbed910d79686ecff3d37ef71db4c93c01d60f9a6f23ce34833cb9afb5d533d63afb329f5735e931233fbd5509a769e71948222d3cb8d985cff912a0a13

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
3fb098a3652e80416e09c57a4e91ab35

SHA1
5065ec18dab842920aefd7c1f7df480beb0e6404

SHA256
46e7ae788d46adb9fc47749bfbdb52c2af310bf470fe66de3c6c2107242c6d3b

SHA512
d198c073503c73cf013dbdb7a89cab05c8d724a628a76c4764b4b28cf1ae5644c17c0982b8981cfc81655ad6f3e626e19a0e89c08dcaf77d3fa746141175f07b

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
ea1f04a4098ccebe0e9112c22e6c4b2e

SHA1
10bc111d57a00694b9c8beabb176eb6813c0080b

SHA256
6d085a91c8dc9b4323a9babb7600c8e680b28ce4b097ef06ee9ac7c63cd23a70

SHA512
d099e8b17fc4195fc051f73772bb585e26e41a79d834814db086f076768f332add4b4c71cb9c99ee1be0308e70222a3a6dfb2e6ac9b8456e651503952a1d3ce8

Download Submit
/storage/emulated/0/.tid792647583
MD5
0bf47f0b22599e2a22a8a6cfee0825bf

SHA1
224610400aa2242b3991660a199fd4fbb3868c39

SHA256
f506b4cb8df15a993ec23b20d059d8cd8a19386fcf8c9ddd6c99e6dfae68c3ca

SHA512
e3df46b24b8e43c5189d9ad7073287c4ec44ef7d503534c964b9baad544e78808d3c96ff48e3783d8132ed4668e108c7ccc5c304a23ed86b1d9514af46674582

Download Submit