Analysis Overview
SHA256
340bfbd674dd9389b4c7148cf5ee004f641d0dc94753e1fe66acc98cd9ae525b
Threat Level: Known bad
The file 39816_Video_Oynatıcı.apk was found to be: Known bad.
Malicious Activity Summary
Hydra
Requests dangerous framework permissions
Loads dropped Dex/Jar
Uses reflection
Analysis: static1
Detonation Overview
Reported
2021-08-28 10:51
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2021-08-28 10:51
Reported
2021-08-28 10:54
Platform
android-x86-arm
Max time kernel
2355430s
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
Processes
com.kqwujceu.dphptbo
com.kqwujceu.dphptbo
/system/bin/dex2oat
Files
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/MultiDex.lock
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/tmp-base.apk.classes2682133684202090761.zip
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/base.apk.classes1.zip.x86.flock
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/oat/x86/base.apk.classes1.vdex
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/oat/x86/base.apk.classes1.odex
/data/user/0/com.kqwujceu.dphptbo/shared_prefs/multidex.version.xml
/data/user/0/com.kqwujceu.dphptbo/code_cache/secondary-dexes/base.apk.classes1.zip
/data/user/0/com.kqwujceu.dphptbo/shared_prefs/pref_name_setting.xml
/data/user/0/com.kqwujceu.dphptbo/shared_prefs/prefs30.xml