Overview

overview

10

Static

static

7

540f2fea12...fa.apk

android_x86

8

540f2fea12...fa.apk

android_x64

10

540f2fea12...fa.apk

android_x64

Analysis

  • max time kernel
    3891413s
  • max time network
    145s
  • platform
    android_x86
  • resource
    android-x86-arm-20220310-en
  • submitted
    21-05-2022 18:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    540f2fea12850eb21e4b190286581a02250782f2febd6a7689a344edb8ce71fa.apk

  • Size

    3.3MB

  • MD5

    2d827db9557250e275102eeb2cf98b92

  • SHA1

    8bf0d90029f41487a30524aefb8129a6c4f72cac

  • SHA256

    540f2fea12850eb21e4b190286581a02250782f2febd6a7689a344edb8ce71fa

  • SHA512

    cb9ba045de274ce211ecb926e6524c1d57644b952dc4b976709ff3d8208c0b6d667b0e0835a78652d74456e8aa4e68293ac03e6ccc6fd976944a60f95ee6edf1

Score
8/10

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 1 IoCs
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    PID:5316
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/oat/x86/xirphg.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:5436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/oat/x86/xirphg.odex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/oat/x86/xirphg.vdex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/oat/xirphg.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json
    Filesize

    2.1MB

    MD5

    f9f6a1ed4ec4622b19af369e1e656721

    SHA1

    58dba6083b7f44a6ecaf34a8f251342ac89fe020

    SHA256

    d5806d4026443c70108e28ec8f8429fb666f03b9f4582d11462e733c678ffb75

    SHA512

    1180e476b37a2912a27b962f895f068966877f77c4a993bbe050e2272dae6c034f399c3ea2d4157be8515b3bb1949687b80efc972edccee975bd5481015368e1

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json
    Filesize

    2.1MB

    MD5

    609535c0b9ae2d4cb6ae727e254e953a

    SHA1

    be573ad14469c7d28bb53a2f8a188bc7a6f5d7f8

    SHA256

    40195c96d35fa8962abc2528176edbb50f3e6baae930a6e705b6289104675981

    SHA512

    010215f8c5906c9be7e3dd2a630c4063c43a2adc71ccb2e1c061cdf6288e46b2023f0b5470e7a4d6bc73fa8c9b305fb63e4088f7193b9937fc7dbba956b87f3f

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json
    Filesize

    2.1MB

    MD5

    4135c7c669c01caa64d0fb01c46cac78

    SHA1

    078e061ecc1f932cf049086c53e41f08000fbe47

    SHA256

    347dd99ff2a1f86156b1a452ed76222139a5fa8ef2f5999f4436b2b3797e3649

    SHA512

    89b33dcb4f0bab24e1da2be7226fca1019c193f21d5a216e76fa702dfbd0de1ae0a3e43489261f8c4afdb4206de7e6023e99c0b3b79d591aee57c1afe1a422c2

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json
    Filesize

    2.1MB

    MD5

    609535c0b9ae2d4cb6ae727e254e953a

    SHA1

    be573ad14469c7d28bb53a2f8a188bc7a6f5d7f8

    SHA256

    40195c96d35fa8962abc2528176edbb50f3e6baae930a6e705b6289104675981

    SHA512

    010215f8c5906c9be7e3dd2a630c4063c43a2adc71ccb2e1c061cdf6288e46b2023f0b5470e7a4d6bc73fa8c9b305fb63e4088f7193b9937fc7dbba956b87f3f

    Download Submit
  • /data/user/0/nyduuxnaqxqbkofyskhuzieyffm.qxmwqsrgdlifhkpjwlwlack.mua/app_DynamicOptDex/xirphg.json.x86.flock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit