6b65f570c6d0ae17274951f6857df3876a222a5791cfa7f21ca1461d2c324018

General

Target

fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7.apk
Size

4.4MB
MD5

d9d34d6627ae3150bd574b6523995d9a
SHA1

5a5910c2c9180382fcf7a939e9909044f0e8918b
SHA256

fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7
SHA512

b2d5c12711e8485c7d2de1a52aa736342c544715d607d6fc026d5b334ee522f7bf97572686405012104cef208d462c98814ff23c68683e49bc716020c0b3ef93

Score

3^/10

obfuscation

Malware Config

Signatures

Uses reflection 64 IoCs

obfuscation

Processes:

com.egov.app

description	pid	process
Invokes method android.graphics.FontFamily.addFontFromAssetManager	3570	com.egov.app
Invokes method android.graphics.FontFamily.freeze	3570	com.egov.app
Invokes method android.graphics.Typeface.createFromFamiliesWithDefault	3570	com.egov.app
Invokes method dalvik.system.CloseGuard.get	3570	com.egov.app
Invokes method dalvik.system.CloseGuard.open	3570	com.egov.app
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.setUseSessionTickets	3570	com.egov.app
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.setHostname	3570	com.egov.app
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.setAlpnProtocols	3570	com.egov.app
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3570	com.egov.app
Acesses field javax.security.auth.x500.X500Principal.thisX500Name	3570	com.egov.app
Invokes method com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol	3570	com.egov.app
Acesses field com.egov.app.framework.web.ResponseModel.code	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app
Acesses field com.egov.core.model.Service.basicService	3570	com.egov.app
Acesses field com.egov.core.model.Service.subProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.mainProviderName	3570	com.egov.app
Acesses field com.egov.core.model.Service.id	3570	com.egov.app
Acesses field com.egov.core.model.Service.title	3570	com.egov.app

com.egov.app
1⤵
- Uses reflection
PID:3570

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.egov.app/cache/http-cache/45be6d4f65babd4c94f06a28c4679e6b.0.tmp
MD5
1f91f9b8bc7ba733ee9c7244a3cde1a0

SHA1
3cab41137ffc3848eaa0010da9a8436deee4bbd3

SHA256
3e34d1c7abe1b2e4002a6a4ec73728b5da9de2b23a5fd4721ac11ba1ba6af771

SHA512
f789f127e81f4504405b4e348bd47d887cef5087530cfb68fe67503c69628ff36e41f72006926912bff0f453ad89acdc31bee6b4d93ae96af2eaa6904e3fe4db

Download Submit
/data/user/0/com.egov.app/cache/http-cache/45be6d4f65babd4c94f06a28c4679e6b.1.tmp
MD5
b66ee76ce8fb78e373e9d8036b807679

SHA1
6465e7e1f19c20d76e940412d41fbd8693917237

SHA256
97fb0c7a8f786a296d677ac5b17d392e5b6ea78897d589df802973fb2e3d4869

SHA512
63d5c6c9fb0e517bd5de8d08ee589f956be725dbc68fe7dffea43573b154a089c5759b2db2a63b4731f946645e130eeba2e2171d37ee603bec7d39de47a7f9b3

Download Submit
/data/user/0/com.egov.app/cache/http-cache/journal.tmp
MD5
cdf0ccea303a01fa8ed92f407a17362c

SHA1
ca2665123f2ba214d1c5026ef8e09aead5330002

SHA256
6f4d197a3ca64eab0dc11474b6664dbac60029b05405d801f16bfa179a82db66

SHA512
137d17fd02b6c28872813abb8e83aa6c1fb77072a965acf3101341b1a0349d0b7198502c14b88d87aa3b38e580794b047fbab28e3fa413f840d641f67bfa135a

Download Submit
/data/user/0/com.egov.app/databases/e-Gove.db
MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.egov.app/databases/e-Gove.db-journal
MD5
cef3ce9dd3a6ef00c7a2b4af19eb3b49

SHA1
304b21efc6b5d44281465672c4d7a900fec900d8

SHA256
a6169968a56419228643e67e505bc157dadb0a5e0a811cbbbffcb13255ac043d

SHA512
e4f4372f52533cf3ef9d6a023d5ef59b9cbb5c52319042702024d5421f2123f769cb8b6ad95db067e08b0f092ce72e10280861490e438d527050a9eca7b25d0c

Download Submit
/data/user/0/com.egov.app/databases/e-Gove.db-shm
MD5
cc5c9371afdaa3102e188c294a296ec1

SHA1
190b322c8db366614071a86fa789bf1f246fc66d

SHA256
1a5ece8ca9757bc449d4d827dcdcad62dda376185854703fa166722239388b9e

SHA512
347786794cb60a8b1c7a5485c6cc3a27cdc2fecd1e460932f0ecd56da68d0638857b0b40113256377e4fda1ad4f8da609afcb7c67680ae46b53cc01e2c9e1278

Download Submit
/data/user/0/com.egov.app/databases/e-Gove.db-wal
MD5
1c36dca6c6f31070a8141b3e38fdc252

SHA1
bb2d13c4caeb6fe6c7cbcf3013287e251b041ebb

SHA256
519f17c6743fa45e6246bcd6b7a5edbfa1b352374df883b05cae081f5d46a4f4

SHA512
f26e00be8a19f548dd4aaa56d5510a864165173c6e1a83554f4670d8957a5ff9826a1b799e19a3a7e0d87817afacfef05441ea5d3b2f8a34b87562c06acf1bff

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads