Analysis
max time kernel: 3821687s
max time network: 157s
platform: android_x64
resource: android-x64-arm64-20220310-en
submitted: 20-05-2022 23:23
Static task: static1
Behavioral task: behavioral1
  Sample: 9543678858d6c81c26f35506807ecf4d1e8071ed5bc0fcd5bfc1639f82593503.apk
  Resource: android-x86-arm-20220310-en
Behavioral task: behavioral2
  Sample: 9543678858d6c81c26f35506807ecf4d1e8071ed5bc0fcd5bfc1639f82593503.apk
  Resource: android-x64-20220310-en
Behavioral task: behavioral3
  Sample: 9543678858d6c81c26f35506807ecf4d1e8071ed5bc0fcd5bfc1639f82593503.apk
  Resource: android-x64-arm64-20220310-en
General
Target: 9543678858d6c81c26f35506807ecf4d1e8071ed5bc0fcd5bfc1639f82593503.apk
Size: 699KB
MD5: e3ca3c6236e962975f24f7e18b515df2
SHA1: 8c3dabbc9c75958c1df94d1720129e177bc21c18
SHA256: 9543678858d6c81c26f35506807ecf4d1e8071ed5bc0fcd5bfc1639f82593503
SHA512: d0e9e7102c0e5f81ad6cf22b42923ad523665642c9bac3d694b362f0597dfe352e4398137b499661c0160d114da6c658b2fe0755fc07b5d18bb982205ab872fa
Malware Config
Signatures
Loads dropped Dex/Jar (1 IoC)
Runs executable file dropped to the device during analysis.
Process: com.android.NPlayer
  ioc: /data/user/0/com.android.NPlayer/files/1653089124619.apk
  pid: 5829
  process: com.android.NPlayer
Requests dangerous framework permissions (16 IoCs)
  android.permission.READ_PHONE_STATE: Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.
  android.permission.WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
  android.permission.ACCESS_COARSE_LOCATION: Allows an app to access approximate location.
  android.permission.READ_PHONE_STATE: Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.
  android.permission.PROCESS_OUTGOING_CALLS: Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether.
  android.permission.READ_EXTERNAL_STORAGE: Allows an application to read from external storage.
  android.permission.WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
  android.permission.ACCESS_COARSE_LOCATION: Allows an app to access approximate location.
  android.permission.RECORD_AUDIO: Allows an application to record audio.
  android.permission.READ_PHONE_STATE: Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.
  android.permission.WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
  android.permission.READ_EXTERNAL_STORAGE: Allows an application to read from external storage.
  android.permission.ACCESS_COARSE_LOCATION: Allows an app to access approximate location.
  android.permission.ACCESS_FINE_LOCATION: Allows an app to access precise location.
  android.permission.READ_CONTACTS: Allows an application to read the user's contacts data.
  android.permission.CAMERA: Required to be able to access the camera device.
Uses Crypto APIs (Might try to encrypt user data). (1 IoC)
Process: com.android.NPlayer
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.android.NPlayer
Downloads
/data/user/0/com.android.NPlayer/apps_/com.plugin.main/apk/base-1.apk (Filesize: 98KB)
/data/user/0/com.android.NPlayer/cache/.android/icon001.png
/data/user/0/com.android.NPlayer/cache/.android/icon001.png (Filesize: 98KB)
/data/user/0/com.android.NPlayer/databases/su.sqlite (Filesize: 96KB)
/data/user/0/com.android.NPlayer/databases/su.sqlite-journal (Filesize: 1KB)
/data/user/0/com.android.NPlayer/files/1653089124619.apk (Filesize: 119KB)
/data/user/0/com.android.NPlayer/files/1653089124619.apk (Filesize: 326KB)
/data/user/0/com.android.NPlayer/files/core_service (Filesize: 37B)
/data/user/0/com.android.NPlayer/files/libicons.so (Filesize: 119KB)
/data/user/0/com.android.NPlayer/files/libs_data (Filesize: 19B)
/data/user/0/com.android.NPlayer/files/oat/1653089124619.apk.cur.prof