Analysis
-
max time kernel
3865023s -
max time network
19s -
platform
android_x86 -
resource
android-x86-arm-20220310-en -
submitted
21-05-2022 10:27
General
-
Target
4464c529b47184508738ac864a49e6f4500e75c6be7b06039465cbb7ea424abd.apk
-
Size
9.9MB
-
MD5
0c50a97bfbeeb415b2cfb61de7a2eb8c
-
SHA1
b388d4cba603adb1f141d7d87739fa5efa7abd25
-
SHA256
4464c529b47184508738ac864a49e6f4500e75c6be7b06039465cbb7ea424abd
-
SHA512
856635cb18fcba18aca33ac9922696d6bf3fd76188e533193756b24d8fba04306433bc3f41bdb96e8603e67c847c777ee28df542b1bcdb9686e846768d25ebf1
Malware Config
Signatures
-
Looks up external IP address via web service 2 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
Processes
-
com.victor.portuguesplayback1⤵
- Uses Crypto APIs (Might try to encrypt user data).
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.dbFilesize
16KB
MD5defff2d2526945fbed0ccaa8643c7623
SHA13428b42c2f5941f226fdc237365b7ed456cab6bd
SHA25649220e13346febc4ebee1d76a8f9c49f32ac5f2b9e9271bbdb7ea5bc8229b00e
SHA512694e0bbd928ea3a3290ca06ea608a80e080c238966d7f86185634538527b09e8a952d121d2447f6ac00cb5ac39c6346435702127bac5380818127e2ae7c56364
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.db-journalFilesize
524B
MD57038b06b82f44862eecba0a61f9c2cc3
SHA1b0a9b5d7b0be89551b6bda936fc61df4e23fd460
SHA256f0f83a25c84d32ae80176b2360d38a1ac0d6fee4d5d35d4af0e6a44a8e301797
SHA51234bfc0f5ef33de2b5ff2766ba5d8c7d3582f19c5ce668bb12d1684beaf79a67c7f7f8df4b48331e6d644088e5861cc2ad8a8f77629528f9d9cfae012967c280d
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.db-shmFilesize
8B
MD57dea362b3fac8e00956a4952a3d4f474
SHA105fe405753166f125559e7c9ac558654f107c7e9
SHA256af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA5121b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.db-shmFilesize
8B
MD57dea362b3fac8e00956a4952a3d4f474
SHA105fe405753166f125559e7c9ac558654f107c7e9
SHA256af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA5121b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.db-walFilesize
16KB
MD564649062c38f4fac45b796b563b574f0
SHA13943654b2c0861fa6a02cf3cd14afe190f4897c9
SHA256688fd37f16796abdbec9bdf3ff7a36129c3480ca2c68b70fc8fcd46de178710f
SHA5123acbaea52424c5e2e22fdfa8d617862f15ef8858d7b10ae6a8b43f7112a0fa023e8deb071ce8403385922349ac8d7759095980b22bca420f25884bc5600deefb
-
/data/user/0/com.victor.portuguesplayback/databases/xUtils_http_cookie.db-walFilesize
4KB
MD5a0d3d0d486caa45a35a73c6b08b84329
SHA12c3ddedec7822486acd897994925958261545434
SHA256593680d93263a5341349f8a594ec0054ec33191b276b247e95853280dd9bebb6
SHA512ee0cada76da64b5aaf0263d78ba7b3e667ec768ac33ed410807aadd5ff39cfe44e0cc80861da614bd604b58fd7fa61d3bf9815a63666163affa03a5cb1ca3dea
-
/data/user/0/com.victor.portuguesplayback/files/umeng_it.cacheFilesize
393B
MD5ab7307bf67a7b76f6d618684abf88e6b
SHA1cf2b18165f687c6f08f8bb32fc23e73ba316e9b9
SHA2561d1c74485a9f628ed313e2cf0b19be003e69821926c44da81de4386aa5c4f03b
SHA5121bbe162202cd82b5c064d74661e993dfe4df9e937febc798c2bbddcb2bd0bfa8b290bfd266e8434f2e5ca3f252f71f6eaab12cdaf3704648013501911cf429ac
-
/data/user/0/com.victor.portuguesplayback/shared_prefs/info_collector.xmlFilesize
166B
MD5a96fe36d6f173388fa8649928430fcac
SHA18b824649f5453faa59295ee1429e06e763bde78a
SHA25679e944d5e3e84ca06706b692b9287b91060ecc4177e626fc0325120ce3b5ecec
SHA5120f9112470135478c4878134f4e48614b3561c645b2e2e57cd6c506e76a51703841daa00249a1bc012ad37caba29fccfba1a019cc82ca696051cbbdf8a30df20c
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
111B
MD5f856d5f7d2ce63a5030b95fdc6f45912
SHA1fde51c5adfc90cbca386395725590d99f222c442
SHA256f3ccff56802b40959ffe8cdf40c9061dde1b877bfc15c7b382b3660b9233dbfe
SHA5120fdc5afb4de7027ecffd5392a80dca5c8f0d7d0e644f522dc39b1bc9c26db5c79f5f8f9143392feda13d9cc54edfa2ff72ca8de5c2f7cbe69ee56b80eb3f9393
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
381B
MD5b1b14e413b42c177d3e8dd74fce006c6
SHA1e73ec127febb57614fa1b160ec2ac62bc4266744
SHA256299cef362220b8f15ea45c79205f7ac325349125a6203f4d431b05a2ead86abe
SHA512a7de6aec8a8dd1815b79ac163cfb094be4268194d1f01da08a7eabc623fff0b5a5e123726aab202291541c75583a598d8d41b24729ab4a2b96e0712675ef7824
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
111B
MD565f18a74e436e2d56ac9368f653e2f02
SHA16f90940f71a395b23887541e0833118adf5f587b
SHA256dc7059872fdc7bd3d8ac5248857d78e1b46a527a8dfd4a0ef7d4e5e016a8d25b
SHA5124246f296ec443678c2092fb25d53bb873992ca2b6d017d9c9a8862a12c851dbc9198c97a89f55659c485679fba05070d55e954f282a3dbb1e630f2908254cf76