Resubmissions

18-08-2022 16:49

220818-vbqzmshbbp 10

10-08-2022 02:41

220810-c6kr1adfg3 8

Analysis

  • max time kernel
    2984015s
  • max time network
    36s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220621-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220621-enlocale:en-usos:android-11-x64system
  • submitted
    18-08-2022 16:49

General

  • Target

    220fcfa47a11e7e3f179a96258a5bb69914c17e8ca7d0fdce44d13f1f3229548.apk

  • Size

    12.7MB

  • MD5

    07532dea34c87ea2c91d2e035ed5dc87

  • SHA1

    04ec835ae9240722db8190c093a5b2a7059646b1

  • SHA256

    220fcfa47a11e7e3f179a96258a5bb69914c17e8ca7d0fdce44d13f1f3229548

  • SHA512

    270319f1a8a8fe9e19a78741cdcdf5f7c62d3072e55ea68a8c5ecb154bea9fb0895d1562164a0a04ffac19cd2bfa760ee219e3e0ef3890ccce564ace0c1f51ea

Score
7/10

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs

Processes

  • org.schabi.newpipe.mask
    1⤵
    • Acquires the wake lock.
    PID:5664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events

    Filesize

    112KB

    MD5

    42234a0297173062f6ed764ca6c0208c

    SHA1

    d8105d91e5557e0392dc749fbac6974d2daed956

    SHA256

    7265e8650b06d78c24ca70a41564680abfe6e529ce6ff5f5aa7504caf9113dc6

    SHA512

    001960aca53baf55b045b0b1d1f8609d1d614bb145306da3d8eca698d33d3a6d5b66a81cedb8a581b7e0a9fa97349b0ce0b19113564ecfcc41ba95201b871f53

  • /data/user/0/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events-journal

    Filesize

    1KB

    MD5

    d95687df4f3d5516bcca1a19e0d8db3f

    SHA1

    fd02d67272e7cd349bb92b91f0d1cf44bb49f521

    SHA256

    89251aa122bca5254d4ccba8723ef4f6f5b20d24478fb9a60faad84cadd366c9

    SHA512

    6541faa015a7cde48e6132377886ccea07aa656a47f12f7d9d7ec39a6f9696cee474853ed772b2701c75ab25add1d9c630b593713d5d0129bd997e6561dc766b

  • /data/user/0/org.schabi.newpipe.mask/databases/newpipe.db

    Filesize

    8KB

    MD5

    e579a6b00eef1318f9166352228eba18

    SHA1

    76988896854f0139083e77862eea1a4846cf039f

    SHA256

    4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935

    SHA512

    c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

  • /data/user/0/org.schabi.newpipe.mask/databases/newpipe.db-journal

    Filesize

    1KB

    MD5

    3f87447e2729570662cf4cf02b4f1882

    SHA1

    c2a45e4bdcd5ab14acd801ec7b9d40c7c9f77ed9

    SHA256

    22b4fa0a50ebce8c62ee40dbc338c92416936c3ac99fedd2388c72451f82ad63

    SHA512

    c365e72bf82cd83810b45e800ce86512287e73e9f0d880f12e88b5c45b94e32688077cc4ce1104b9f075165619b7f4334229364253e26721853543fbadab99cd

  • /data/user/0/org.schabi.newpipe.mask/databases/newpipe.db-shm

    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

  • /data/user/0/org.schabi.newpipe.mask/databases/newpipe.db-wal

    Filesize

    305KB

    MD5

    2ebd566c7d1c6a72f6f44731fef7e348

    SHA1

    33a7543301925cc9475e0c6fb3b9f853069305c7

    SHA256

    14a5d38d3c7911adfae070706299ddd1424440660c1a421fc7bf3a1dcda043f3

    SHA512

    701fc49f85004a4fb386e0fd32951f31bce7ab602106d4295b493f5158646ef1886a717cd7708a1833e161151e9007483b4f3968526d4080423f365d08c78058

  • /data/user/0/org.schabi.newpipe.mask/no_backup/androidx.work.workdb

    Filesize

    8KB

    MD5

    e579a6b00eef1318f9166352228eba18

    SHA1

    76988896854f0139083e77862eea1a4846cf039f

    SHA256

    4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935

    SHA512

    c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

  • /data/user/0/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-journal

    Filesize

    1KB

    MD5

    29ee61256849748a7fb817da0d88b0a7

    SHA1

    ddbbf817c8eecf2bd692635b92f6591935262d0f

    SHA256

    3cf143904e7a6134593f47a63b73611aacdf29fd118067a4c08e73b0b081137b

    SHA512

    dfbdf784af3630d2e845e60cfd4f31f3e5d7958e0e1ce8e0d5b8e6bb92a55b245d1bcd94c109e3e6261c0246a03614d33c9460116f3230b02a283fae6ab4356d

  • /data/user/0/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-shm

    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

  • /data/user/0/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-wal

    Filesize

    732KB

    MD5

    c7d0924992ad168468a76f59d78981f5

    SHA1

    eb2fc1d4ea8efdedfc91e92eaa15250834353124

    SHA256

    e1ee2987f15c8c13fd074949ba1f67362840aeaa838759ab75116fe386ec8539

    SHA512

    ccf94d8bd990c67b1b2d09d99bfbe7385c1b192d76f121ef6db5acfbf781f68186685ec0d527df7449238f2e29e66fa4ab0ec49d6679f6c0117891687cbdbee7

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/FirebaseAppHeartBeat.xml

    Filesize

    134B

    MD5

    658ad5c08c4a77a9f7655497d461e256

    SHA1

    276ac0240a9237c1e816a2884cc7ee30c95ffc2c

    SHA256

    169eb75abee1f50b6d8fbc1ca80240b77f06bb44fa9d85ad48a2516892735df5

    SHA512

    1ac273b50c7f46805f4fde1426b64d6eaac964e7ee61bc80845677739528e5b922dc7968d30428ad4f9b3c359fcc5aa3c4839533bb7e8f83be3cef63658526dc

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/FirebaseAppHeartBeat.xml

    Filesize

    188B

    MD5

    5637beef4c732a50004172bcc2c5e7e5

    SHA1

    ee5b406b239f094012dec57adfb1bff43e1e22ac

    SHA256

    82a52b92a4b8e3f219458cba7763027e77c5df0c0e0b41324133603f05fa5762

    SHA512

    f849abfed46d7161480574ef7ae32769634cdf15c823c2cca211cf45718494c84f7f19dda75cf8298243b8dcf6bf74f103d2c9039220ec3ba17cc856809d2dc8

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/FirebaseAppHeartBeat.xml

    Filesize

    239B

    MD5

    45fb840e42d4308f4274e05927a45c97

    SHA1

    76a9753768aaad123a36519b0fb48f913ed1a314

    SHA256

    457f7adf5f22a4c64644c896c585ce8291ca1b524cbbe66cd237502a5e4f35b5

    SHA512

    7f320d81f4eabc17a06522f3bcdb6760dc3f30ad825895a6acb02a60aed319bd016c3854b98e92d6ad5ed7137e7bfe3b2260a60ea0baea271722e8022d66433c

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/_has_set_default_values.xml

    Filesize

    130B

    MD5

    f2b4296ffe441b87312ddc80a3ac98ff

    SHA1

    0603dc05dd32b5dec50acfcc1951a85c18b8b4dc

    SHA256

    70b6eecd62c222a39f6a2f3d8164714dcfcc2e7afcfbf0a7e773887266230ce2

    SHA512

    2dce930f6c49eef639567068731437f6df2043da467b41a51f1c5aab66d346c1b0e8197905700d30c8c259fe5e445a0ca66d7da5ee1fa983d7b33a5c9971f4e3

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/com.google.android.gms.appid.xml

    Filesize

    262B

    MD5

    17e79d15a1452f31c8827e9a0062bc04

    SHA1

    0dd8b3008f1b9abd11052a48566fb41571e71599

    SHA256

    1560d42a0aa24e24d228ba839f3f9b4486a8d788e72f23a0ad197a286dadd9a1

    SHA512

    15ca23f370b830e70aea414b3fc28ceb83dcbadbf2e48140000459eb4a60369d7212d0dac1c2dc5f06f91eadea3c0d41d7c764918035ffa922017d69acc2e85d

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/com.google.android.gms.appid.xml

    Filesize

    579B

    MD5

    744adb06ce526a0dd6b4591973e9c484

    SHA1

    8c510960ac8860d1564a6c3b85df682e1ed73f7c

    SHA256

    5e76d313aceaa3875f4e98a3c5f10664cecb3c813dbacf81dc9c95a2aecb8512

    SHA512

    6419d2925b3b590e2193d4c54161cf38e992861839d313c46ae4e28e9582b22da640a2cfcc753fa62c3a35469808fb33440846007dd1d34e53b1fa8413b5b5ca

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/com.google.android.gms.appid.xml

    Filesize

    192B

    MD5

    5c7f71515c58b247547be72cced523e0

    SHA1

    fcacfc834aada3efbcaa43a2b6f03769bba6cb8a

    SHA256

    d64a335b0ed106c982622fb38e70bce2c20baaade40a2c543a0fbe7eac86076a

    SHA512

    37383ec29c976562693c7ea17643ee2b791fbab0b103ca1ecb7ac2a92c4e207aef7cedb6016237259ab639e43e1eed63482923fda12b96c552787523a5ea53f6

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/org.schabi.newpipe.mask_preferences.xml

    Filesize

    141B

    MD5

    3f592c836aaefd97b6846bdc810c1200

    SHA1

    f2dcc34fe49a45deec63f413dfdb39a2397ab325

    SHA256

    246787dca5913cc01e571eba600fbc318fce75039f464bc8c259146b99206396

    SHA512

    d46d58ae4d152291c18af044e6873771645738821b20708a96c5ab7475002f0c180fabe94ea5a0c1f6343bfbf628b1477662f00f6d65452f0e974af4b7accdf6

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/org.schabi.newpipe.mask_preferences.xml

    Filesize

    261B

    MD5

    3d6e85981991ed2fc7d34cc2a9ae44d7

    SHA1

    769e317ea50cc8b6440b9c274fa5cb0d3ea4e4f1

    SHA256

    a454f5f1bb2fb0d3e9bffc737d9f8b6d8b996af9aa11d6cd3bf8a11d0c927382

    SHA512

    ddba75a6a88f57521b910399c1fc03d236445f4d47f84c17663d6e0c597923a74a6c0ec0b90902d6e24bf9a0c82d56ddf6ef6226db3edc98bca381a3801a3180

  • /data/user/0/org.schabi.newpipe.mask/shared_prefs/org.schabi.newpipe.mask_preferences.xml

    Filesize

    3KB

    MD5

    e4c7f1d9370887df6d869cb92743e352

    SHA1

    cc6127e3586d9d607ed0075fb7baecf960e8d7b6

    SHA256

    7514c218a74b8ce3d7b495ac0b126f9ab649da261d0135cbad9e2526b119bb61

    SHA512

    2835374b35bc877f1dba107b5de1998aeca12036ab0274a7db84f80bd091f53b3bba6aba19b75d30d7b39f45dc160ea7a79d65850e1933ed234614e6506dfc6e

  • /storage/emulated/0/Android/data/org.schabi.newpipe.mask/cache/uil-images/journal.tmp

    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56