Analysis Overview
SHA256
d0775b35bb8cb849d1049e9cea3d990f97bf09e908d19c93ba6ce0c184bfa668
Threat Level: Known bad
The file 93740_Video_Oynatıcı.apk was found to be: Known bad.
Malicious Activity Summary
Hydra
Requests dangerous framework permissions
Loads dropped Dex/Jar
Uses reflection
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2021-08-21 10:38
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2021-08-21 10:38
Reported
2021-08-21 10:41
Platform
android-x86-arm
Max time kernel
1749849s
Command Line
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
Processes
com.cwnjcjeo.qhmvgio
com.cwnjcjeo.qhmvgio
/system/bin/dex2oat
Network
Files
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/MultiDex.lock
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/tmp-base.apk.classes5169584584987545481.zip
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/multidex.version.xml
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip
/data/user/0/com.cwnjcjeo.qhmvgio/code_cache/secondary-dexes/base.apk.classes1.zip
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/pref_name_setting.xml
/data/user/0/com.cwnjcjeo.qhmvgio/shared_prefs/prefs30.xml