a09d435c5988e77ca115bdfe456821b9622994fd419645c0a2d07bc4658535f0

Resubmissions

07-08-2021 15:35

210807-y36fw5j5ce 8

07-08-2021 15:30

210807-8f2q58lffa 8

Analysis

max time kernel
558082s
platform
android_x86
resource
android-x86-arm
submitted
07-08-2021 15:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Kurulum.apk
Size

1.5MB
MD5

0a64111f4ad75eec84d10de7f1b89c6c
SHA1

c2c1598f562f319e6a7ea0e3879218584f097c08
SHA256

a09d435c5988e77ca115bdfe456821b9622994fd419645c0a2d07bc4658535f0
SHA512

b53902334be10eaf0a2d17146efccb2b84e9f1bb82fcb234d02eca7fed65b65ecc4eb58a85621547dc574cc1a301a04b92934acdbd49c857d64b84dabafa0261

Score

7^/10

obfuscation

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oatcom.bzyidn.rajgylsl

ioc	pid	process
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/base.apk.classes1.zip	4735	/system/bin/dex2oat
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/base.apk.classes1.zip	4694	com.bzyidn.rajgylsl

Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.bzyidn.rajgylsl

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.bzyidn.rajgylsl
Uses reflection 1 IoCs
obfuscation

Processes:

com.bzyidn.rajgylsl

description pid process

Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE 4694 com.bzyidn.rajgylsl

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.bzyidn.rajgylsl

description	pid	process
Acesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE	4694	com.bzyidn.rajgylsl

com.bzyidn.rajgylsl
1⤵
- Loads dropped Dex/Jar
- Requests enabling of the accessibility settings.
- Uses reflection
PID:4694
- com.bzyidn.rajgylsl
  2⤵
  PID:4735
- /system/bin/dex2oat
  2⤵
  - Loads dropped Dex/Jar
  PID:4735

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/MultiDex.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/base.apk.classes1.zip

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/base.apk.classes1.zip

MD5
3f1f48a0a15449460ce2bf60d0e9033c

SHA1
7435a799374474130489f7cf22eebd2acc3a88ad

SHA256
e4b1668a4b48fc390beef0690f403387400223de97d9eacbe69e70b8a05a11cc

SHA512
f41c08418103088fff7448e4fe7c91beb0b072ff4282e05083acedae5fa9c4fee423b0dff02234b55e4852e731d906d5325d121738de83b0fce6b6afffdf23bf

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex

MD5
ffc40823411c1e16382aaa947c4c0740

SHA1
11f6558f15dcc2fcdbed8356d881244a2b8e6663

SHA256
335fa3ab155b40e10c4575c0b8273e09d4f71a2a3da9f37e6e79e30dfdc6f754

SHA512
6c87c8dd3922f85527c42bf31ad765ae4e65986a7b8c8b6e637b07e9e23ae9f2c454f1448b3caf4ec6492ec653d6d7139fe9b52cf6d30a870bdd207b95e4550b

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex

MD5
064fa10056c28d6b56482a5efd7af080

SHA1
dd9a6ba027f4a34e11d5252f1959a0e89524af00

SHA256
75d11ef3d1ae4074e412c7a770dd4500cd92f3cafa57dc907c396a1a0d4504e6

SHA512
4eb0c1ba9e1c7c274b6fcf2c5d48a233872570be019cd0644ee67938b3352f3649bfc0df16b4c0438a6badc8b6706780784ff6ebc0f050e934f7ede19010a87d

Download Submit
/data/user/0/com.bzyidn.rajgylsl/code_cache/secondary-dexes/tmp-base.apk.classes4901371857562881968.zip

MD5
18e87d0282861cc01356fd65eb7dd552

SHA1
2feea2d60eee727ac84355e80d460dee884627da

SHA256
68419c033dc7a65a6ddc6b15773194e6af8f3eccf9fd79f6f161c35d1ab027f2

SHA512
addce0dd85a0d1a30e98966bb05c5f6f779256411553efd4e36bda6c3cdae86a83ad5bfbc4c0527214f60a10387f2af7deb8c45730600678a6dac7edae1ac1d7

Download Submit
/data/user/0/com.bzyidn.rajgylsl/shared_prefs/com.bzyidn.rajgylsl.xml

MD5
804f081873079f8f887c9c23e445b3c1

SHA1
a73fd639ca092734a2df9c1fc533d540139375bb

SHA256
f19310c8a3c6d3d98ec57bbe0eb1d0b12020991f636aabdb20088452f21ea71e

SHA512
b0e402d0269806f35afd01df09d838214f3c3e11f3fd80a057a654502cbabc5a75ba1ede901df683b0ed0c139b03f1c766fba9a67995948d8d25c58b625c86e3

Download Submit
/data/user/0/com.bzyidn.rajgylsl/shared_prefs/com.bzyidn.rajgylsl.xml

MD5
e39d7f0d15c1e9ecd6dd3d5929d0b626

SHA1
96d3c30083d9defc9f8bfc0684f33791e0b1fe68

SHA256
282c44747d75b0129fd2a7f2e93a7186c383aa2c04d5a948b2503b00afdfdce4

SHA512
587389acb2ca794f24d8b70a0f0e3b83b456eb3f6fd21cc4485b83dba0873f8496d48fc23cdf8b8275ca4a6826eb5c4f0023535d41490c1d7de24d448d79e154

Download Submit
/data/user/0/com.bzyidn.rajgylsl/shared_prefs/com.bzyidn.rajgylsl.xml

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.bzyidn.rajgylsl/shared_prefs/com.bzyidn.rajgylsl.xml

MD5
a9ec4d2bd21fd5de999eefa858d65844

SHA1
bdb7ed15432447da38e4c2f0ca355943b935b372

SHA256
a8e271e8f5d87d0512bd03b8dc58fc1c8586717fdd5a44ac0756ed2fd95aa4e4

SHA512
0fbd41999cc9cceaaa43b741f71f34bb89c687051a3e5c22e044d58c0813d05219d263208a897cd0a7bbed97b544840c2f57d35d5fc879165bd18b5003be6ee1

Download Submit
/data/user/0/com.bzyidn.rajgylsl/shared_prefs/multidex.version.xml

MD5
0d2484ddd0cdb61892a85cb11289f6e9

SHA1
43959e300201f1afe0dcf1717f9222baf91e4a77

SHA256
142d07b924098fb9e76233c8bfcaf2a04816f858801d2116c55b9cd0705155ee

SHA512
745cfd0f7a3c55815c4fd3b089445bc0873e029d2499294006c75070339140419155d84e9421146fbe468b14f7024801b515cc682b07d809bba19ee12ff05cac

Download Submit