5f9b299b71fcc639689e9906509b0dfded9e813c0a65b76b41bcfe7e01c3af86

Analysis

max time kernel
3641097s
platform
android_x86
resource
android-x86-arm
submitted
24-07-2021 14:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d257cfde7599f4e20ee08a62053e6b3b936c87d373e6805f0e0c65f1d39ec320.apk
Size

367KB
MD5

4aa966ff0455560a2918b746ada2ed52
SHA1

4984af24225d3356689585399ef5e49553e6436c
SHA256

d257cfde7599f4e20ee08a62053e6b3b936c87d373e6805f0e0c65f1d39ec320
SHA512

e67061519218f5edc241c9458addf51b05a1bd0de604c973756c02018dddb4a893fbebf9ab9a0194b9fc737c7d479c5949b7d3cf7fa444a8bca88853c2d5ebae

Score

8^/10

obfuscation

Malware Config

Signatures

Reads device subscriber ID 1 IoCs
Uses Android APIs to read subscriber ID (IMSI on GSM devices).

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getSubscriberId com.xxGameAssistant.pao
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getCellLocation com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSubscriberId	com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getCellLocation	com.xxGameAssistant.pao

Reads name of network operator 2 IoCs

Uses Android APIs to discover system information.

Processes:

com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getNetworkOperatorName	com.xxGameAssistant.pao
Framework API call	android.telephony.TelephonyManager.getNetworkOperator	com.xxGameAssistant.pao

Reads serial number of SIM 1 IoCs

Processes:

com.xxGameAssistant.pao

description ioc process

Framework API call android.telephony.TelephonyManager.getSimSerialNumber com.xxGameAssistant.pao

description	ioc	process
Framework API call	android.telephony.TelephonyManager.getSimSerialNumber	com.xxGameAssistant.pao

Uses reflection 3 IoCs

obfuscation

Processes:

com.xxGameAssistant.pao

description	pid	process
Invokes method android.os.SystemProperties.get	4728	com.xxGameAssistant.pao
Invokes method android.os.SystemProperties.get	4728	com.xxGameAssistant.pao
Invokes method android.os.SystemProperties.get	4728	com.xxGameAssistant.pao

com.xxGameAssistant.pao
1⤵
- Reads device subscriber ID
- Requests cell location
- Reads name of network operator
- Reads serial number of SIM
- Uses reflection
PID:4728

com.xxGameAssistant.pao
2⤵
PID:4999

com.xxGameAssistant.pao
2⤵
PID:5193

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.xxGameAssistant.pao/cache/pao/inject
MD5
23bb1f4e4f35e8489cbab091ad3d6725

SHA1
a2e894a1353b1aa9451cd2ff1bcd06e250d45770

SHA256
856061a1d0868d7ce3aa0d3d12e0c67a9278dc84a826293e3f1af231acfb542b

SHA512
d620f253b3478ce242e0d75849639637856f6cba9d8ab5e8e97a938a46935025583f1186edc630e5bfe1a32296b136352d31481824ed2d5b19de5c0df7f4fa06

Download Submit
/data/user/0/com.xxGameAssistant.pao/cache/pao/libghost.so
MD5
80892c5e7b60fcef1a004f1abc71d37f

SHA1
5a669700f36e28045c9b653d07b5936790cc83ef

SHA256
911c6166ef4bbbf2fb1da593301cccac94f55c5267882640afcf55ce40add3bc

SHA512
16d5c8dcf253c2ba2725b6b3d029fdb5e7cd98c12547add2380d01ba01410b0923a23256936e2da4cf79d0cba2d4a3cdfd2fc55df0436aceaaf2bb5d2f96c35c

Download Submit
/data/user/0/com.xxGameAssistant.pao/cache/pao/libhook.so
MD5
4b6f2a8be69f4fa2875565cfe8069451

SHA1
9c764b795126a6f00f13370215fe0686db9aa1bc

SHA256
a8911919780d496276a0cc00528ad24f9d22952af4da34fc120e59302b618a06

SHA512
d9b69b6f21215062f1d361a4a5947120fdb1cf5c4b0939e1551f5394ba42dd9b24f3ddc90c79e55dce5c52efdde782bb9260ad2cbc3f96aac949d159ae07c063

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db
MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-journal
MD5
f0ebaaa3bee55f4099eb962b0857da1b

SHA1
82fbedc40b5c58f882012a5ec89b2f41a93076e8

SHA256
944299f0db9c1c30af0976f194e3a5b03e4d7e6f974b7a99c687b736e00203fa

SHA512
75590452d66e7bb44fb494c3de43899ca46889a4376d8c303869c26476f7f0fbbb753a284d0bc38b4daf91a8497955ae682bf8a301459743dcd599632bae999b

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
b7c14ec6110fa820ca6b65f5aec85911

SHA1
608eeb7488042453c9ca40f7e1398fc1a270f3f4

SHA256
fd4c9fda9cd3f9ae7c962b0ddf37232294d55580e1aa165aa06129b8549389eb

SHA512
d8d75760f29b1e27ac9430bc4f4ffcec39f1590be5aef2bfb5a535850302e067c288ef59cf3b2c5751009a22a6957733f9f80fa18f2b0d33d90c068a3f08f3b0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-shm
MD5
22c44ab526e8230ed25ee2e8e3c5a097

SHA1
1e223503c4fc2f8709477a34ed4f1c070be06c18

SHA256
75f25efbeb8860ba480b4375315a990c7d9d9479412be52e559762623ca5dd53

SHA512
b6c44c41b8a68bebf7c551dbad7fe46fce3a7defecf5a760dd2e274584cf6c988876abe9a08d46de7c4eb25b18609b42a36957e9128cf5c05e8a82c797294dc0

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.xxGameAssistant.pao/files/TDtcagent.db-wal
MD5
52f535c0ab8408b9a661f4117e05fa5f

SHA1
89394ee675bef02c93d30f5900b29d4d72aa47ac

SHA256
94161988b255cdc3e1438cc6e50bbb282bb8adb53157810fd000b1ce4cb41b4f

SHA512
3542f8b524c049fe50f29dafbb7a7c21501eb35274ec65459fac1c5b5e5d615cbd228a40b3c22615c4a92f969b514e984ef0f50c6240e7926341a0de2ee9ecd7

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
4660ce34b80de7703d0ab36ccdfcd8bf

SHA1
c6ce73f37a40a4b0425000249f2e5f4eda8fd8b0

SHA256
29c23bb7832c2b421b2d6c9d1cd642aa26006b6f1a1679af226c74001e11c441

SHA512
355cb6592aebf1ad45ee0ebdbfb0c8ee262439a743fb247b2546256352187510eca86fc2fa17ea13eb6d372c6a1b0effa48f335c163f241df7ad1e5bfab61530

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
dd0bde51160117681bdfe12f88e3d2d8

SHA1
bbc80fe76e7036becd0819bea4d02bbe0ab4fef5

SHA256
d2ecd1089617fc008a04232f79f6c0c42d8fc5db4d64d38547b4b0b90bc24c09

SHA512
230ffc5469ccc0c6f6e2cb46c7f384dcf69220424dec30dbc274915949b219d1609b2d1427beffde0a5f04e6a31d0989fe8732cdd76c3fe63b708dc9986cf1da

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
71ce10e4231cde46050a7ebfd48a0143

SHA1
c5b018b1bd6e48eb1602bf52a8d7aba3318f0755

SHA256
8f82931c765dd1ceffd32393426b2dd5deae4b619ab84715e342a538e36118c2

SHA512
02b81d209724e6b12ae7cf3e0c96ae79e49e243b6fd129661625764a7ae443d65f66fa47aa8bfaef2aa44dc5c0de66ed2e74aceeb31b576a2f7035a713aecc57

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
bd48becdeabac442ac1268364bb6f3a6

SHA1
1ccb0e1c90028d074f2323cd92cd3d6a04788cdb

SHA256
6108ffc566bda9a88c72a7f53935b12669240215dbf75bb4434860e2991c9aa4

SHA512
e96cb2271262eb20cde1874b4c132fcccaa2f689e61fa0abf78828980dab1cc5ce86ac38e40dcc6503ad73e30a6351b9de1968cb23a2766a30732450cbd8bb29

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
c58c208133c0b5896b2c7161bf0e4ae3

SHA1
39060313cf7da418c0262c4ff0a9d07716d5b822

SHA256
e985ed25f30cc1d32b5e2f82b154ad7202827e9ead74ae9908776b864205576e

SHA512
ec6423a28b21d24822261f4144ba873f5dce1187bfe6e54fd228fc045445c14a75384b36fe85fae55b1062574c6369c008c689af08ee127ede07ee8837a7cfa7

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
1f45e10415be06167b9953e9c7c86c16

SHA1
8fb545dc99c555e8dc6311f77d880e42642de207

SHA256
f8aec4882983098af60c72401a5b4abcbbe9f9dfdc37b484512513f64ecea4f7

SHA512
78510a1e34ed10533ae0c97a97992dde27a61a88f1e5c458a7803b137cc331426298e65afc9e556e1c6b8ba3ca2ae53f5673c8d0d0ba2208a02594c077f4c8cf

Download Submit
/data/user/0/com.xxGameAssistant.pao/shared_prefs/com.xxGameAssistant.pao_preferences.xml
MD5
032566d7215406eb68f0d6c384d0b493

SHA1
3b431a57512722b74d2e79e3401d29aeef2ec540

SHA256
d0b7bf302bf3648ee8f1f47060f8dc7521466f8ae0349cb5a59828cc78aa24e2

SHA512
091344922f65a608fa01b637088cd601b328ee2d754d23cc0714cdbcb7b2fdd7a0f8cd7e23210587e9a36dfe86cb568c05b2a1469c5a333c1aa1ca4911b8e02f

Download Submit
/storage/emulated/0/.tid1544838434
MD5
c4847c503f094e8f2a061250cee5b78a

SHA1
779edde37ac33b44ffeb8d8c81f4301c3ce72b63

SHA256
bea6d8b6f3df3d51a0d4f3c9b68fca4cab5aee19d9a9ebccd0cab40b6365be9a

SHA512
e3578944e0ec7cfe0f6a8454d7c5f2d9a8d68ffd7178d999cd9ab5f81a176aa4fb948b9eefbac2f30b9201edb6068536c4a36c225f8a1da1c0d3e3155507565a

Download Submit