General
Target

a280006bb01147124ba4472ecd9206cf102226504b2446fc2371067f6fcf848f.apk

Filesize

5MB

Completed

21-05-2022 13:20

Task

behavioral3

Score

7/10

MD5

183d1e2b8a0a22373084c59b4dca8859

SHA1

b7502902b080b6d436441cd1088aea88316768aa

SHA256

a280006bb01147124ba4472ecd9206cf102226504b2446fc2371067f6fcf848f

SHA512

04683667419d629e4d9f87d97ba213ece8c3ec55f589fa906cc60c2daed03748a2f60e1a29e4172fe39195cfa67e1d965843ece17b9a9d6ce25c85e9fb36813c

Malware Config
Signatures 2

  • Queries the unique device ID (IMEI, MEID, IMSI).
  • Uses Crypto APIs (Might try to encrypt user data).
    com.appsmart.delivery.darbarmuenchen2087

    Tags

    Reported IOCs

    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: com.appsmart.delivery.darbarmuenchen2087
Processes 2
  • com.appsmart.delivery.darbarmuenchen2087
    Uses Crypto APIs (Might try to encrypt user data).
    PID:6989
  • com.appsmart.delivery.darbarmuenchen2087:Metrica
    PID:7058
Network
MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Downloads
  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/files/ZPkFS.log

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/files/credentials.dat

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/files/metrica_client_data.db.lock

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/credentials.dat

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087-journal

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/db_metrica_com.appsmart.delivery.darbarmuenchen2087_20799a27-fa80-4b36-b2db-0f8141f24180-journal

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_client_data.db-journal

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/no_backup/metrica_data.db-journal

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/shared_prefs/com.appsmart.delivery.darbarmuenchen2087_migrationpreferences.xml

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/shared_prefs/yteSlT7daYsGlbVGqXfR.xml

  • /data/user/0/com.appsmart.delivery.darbarmuenchen2087/shared_prefs/yteSlT7daYsGlbVGqXfR.xml