Analysis

  • max time kernel
    3549989s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • submitted
    25-08-2022 06:00

General

  • Target
    gen_signed.apk
  • Size
    3.3MB
  • MD5
    f3109e3234a83452de39ad40a285a5fd
  • SHA1
    e209fc019ab1b45cdcfb2231e47c93ca3f497709
  • SHA256
    6c943681c28f5f6adb65b48cf471ca09d9e02b7f67338827d423cda87aa35327
  • SHA512
    3865567e090b127a65dceb7e95699248c91f8c8db2b1a3500281c4dc454741263712c81ef351efcb0d94cc73a2e41e8c2c3f3c10de3515eef2aa8d5c550913b6
  • SSDEEP
    98304:VEVF6aL7fDW3v0AMYfccA5cMipxlgA2+XAHG6wj2T75i+:V46x3vKcAZCaAT+Qj2M+

Score
7/10

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.shz.shzkisi
    PID:4428
    • Acquires the wake lock.
    • ping -c 2 -W 10 -v google.com
      PID:4480

Downloads

  • /data/user/0/ir.shz.shzkisi/cache/~test.test
    Filesize
    4B
    MD5
    098f6bcd4621d373cade4e832627b4f6
    SHA1
    a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
    SHA256
    9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
    SHA512
    ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

  • /data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db
    Filesize
    88KB
    MD5
    8dfcfdcef5a9793fb83bda404ec3f42b
    SHA1
    dd02caf5757e9fdaf184ab299c45e4c92ab3ae4b
    SHA256
    a59674cc863d7e977b030c7047072dc4c6d5ada1257917574fe184d886042cd2
    SHA512
    e04d1892c052fc3766881d3f21e26961714e575766cb316bcada34cce49cf6e17eb26c3fbdee0038ed2c75da0a9cab99e0e3e78374be20ce2790cc0d0d9cd807

  • /data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
    Filesize
    1KB
    MD5
    36931d9957c79ba6318d5c755ccfed7f
    SHA1
    538d527489d09f936eddbac499af1a5de3170b7d
    SHA256
    66ce27260f7987fcf0667ab207384893f0de7f238983b76332295b064a3c98ef
    SHA512
    f17ce9941599740a918d7178479308d5fbc1ca8184a2e3c169377a3467e97ab0044d5e18992ec366deb952f13d72d7ae58205933bce9ee50277b86ee3cf85723

  • /data/user/0/ir.shz.shzkisi/files/PersistedInstallation71659655340390073tmp
    MD5
    d41d8cd98f00b204e9800998ecf8427e
    SHA1
    da39a3ee5e6b4b0d3255bfef95601890afd80709
    SHA256
    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    SHA512
    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/ir.shz.shzkisi/files/generatefid.lock
    MD5
    d41d8cd98f00b204e9800998ecf8427e
    SHA1
    da39a3ee5e6b4b0d3255bfef95601890afd80709
    SHA256
    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    SHA512
    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/ir.shz.shzkisi/no_backup/com.google.android.gms.appid-no-backup
    MD5
    d41d8cd98f00b204e9800998ecf8427e
    SHA1
    da39a3ee5e6b4b0d3255bfef95601890afd80709
    SHA256
    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    SHA512
    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
    Filesize
    239B
    MD5
    e89a15a4299d8b2918fae14f28f1d20a
    SHA1
    075c09ee7f66304828b39b789c291f4019f0f4ce
    SHA256
    e9582be037664dd17a3953fdbd84f8434603a5e2c0c6bbcfc7ed4c130f129713
    SHA512
    a72a26722021961442ed8443b6d6dbc996685ccd90136c62d273ee5fd98a17a7392bf99ffe5430f3cd4e098cd4cbbc80c5b614b8cc45f694e7315790f50f1317

  • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
    Filesize
    134B
    MD5
    670b3223484118b539e74a496e0a3e5b
    SHA1
    fc772dbd02792574146272b156a06470c829c03b
    SHA256
    c37f72555509319f9b270084e179a16aabcafe6444d06fe67ee18bf3348bf8bf
    SHA512
    57e61f348a16aa764630e5af957af00efd2ce6211edc2dbf95b6155e8ef53b9875c5cc44155aae72449d8f9a8828ab2e7b8cebd3f1c2d3a0ef55e77f4ca79a90

  • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
    Filesize
    188B
    MD5
    6005d7fd55e6ec9a9a1cd4cb820deeaa
    SHA1
    39675702b112cbc8f698f0432a4489c1f09be9a4
    SHA256
    137f7fdc4c72fed690ac5e9c22c9e2063d25f5ff0a5cafc388173de91e7851b8
    SHA512
    02fc0c90e52fd73f3ca7b4ac923a8ec11e9f74c1c660aee1c9695db6a091af905bfcafb47c1ca32881bd94009aafde041b3ab67c837c6361e2595013767f3a05

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
    Filesize
    192B
    MD5
    e2b21f9788213b403fae3c23a69970d1
    SHA1
    e21dea01401b6081e04fedd4eb177195efad3faa
    SHA256
    81b111798b9cf95ad73ce756ad1aee0042289ff0909cff75366a36d31448afc5
    SHA512
    1e3925ebc657c2b6e2fdd8d94205612397e155b9d1124f7e3cc53be3ec7532b9bd0ff95c29e7bf709a651c9b0e55e9ba6492cb8ad5e78f921e827504d65e9e19

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
    Filesize
    250B
    MD5
    846a9f5e24456604542b74760e6c99dc
    SHA1
    466f8b984e1995d888cf2221752f9a4627572afe
    SHA256
    39e4b8663b7195dd5e63c22b9c8b04141b36e1cc542afae85a18065606e44ba6
    SHA512
    032ba67810cf132ac6bf4dc45dba7a786472474a9888c64faee67226fccd680c9e9be6bce249d89fa818c6d48ee732f3e1f6cf210455b752c9c2b9e9327668c8

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    607B
    MD5
    c5bf66e2f935168bbe74bf41f200d54b
    SHA1
    f224870c184ba2a14b8c09eccb0c5e194742b5ed
    SHA256
    045573d96052d9084b8ce82e284226017ed4957d345a6d1bf64aa72b59473eed
    SHA512
    490a0aa288201d9625a21c755b9d2e9859d2514750fd827ea0ed355491247af6120a403b161218af93b03eb21d133a6cbf5f1d735d6e3aed63f3fd1cd81ffbfb

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    665B
    MD5
    2443bb413f4c4e9bf9c015b7b269667f
    SHA1
    a399d8e671b283c6693027a58ef2633f924fe05d
    SHA256
    3b7907eaf89c35cd129906d0ed96fb2382a8589542c34c297bec2ce54a51a354
    SHA512
    11afaf455c2b00e1d70890e02c441234d5e66af82df0951570c42adcaa0b957020cdc23ab3d0a9f00999dc1239a9b243670a541b84287fe181738c336442980f

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    719B
    MD5
    d8732e0c63e368b579a88ddb41d9930e
    SHA1
    b313ddb72c6171291243c4182de4207dcb5ef6fa
    SHA256
    4bfd589f5a2eafc88fbd39bca5dfc4fb4bd3aef803412de47ede1ccf95b4156f
    SHA512
    443d68634ba98e200db765bdab24db001d8e3beaf3ecc867363b32964cb2851afebcdf589d4d8ef70aeb7e17ea46c6ae54cdce45fdfa27d523da6b33fd7ce456

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    796B
    MD5
    0aabae57a169bcc4f7ee73c2a2b435a3
    SHA1
    456ce35db1cf1d55e216e13191b661cec7c0ba17
    SHA256
    ec9257172a82ecb23140f4edf56e7d0a95d1361626be48c514b01ea93720272b
    SHA512
    5544389feddc88deea70f38c4d2cbb19a1f0c8969d26f6cc058d875cef736d15f03899eff275df2ec09c395dc9dfd156a89deb648d270ef656bb7c58918c83e0

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    122B
    MD5
    250b4caeba60ddf53228405750ba66ca
    SHA1
    422ab714feb34e9f3b4f1cbe669887bcd581ddb1
    SHA256
    2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e
    SHA512
    373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

  • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize
    395B
    MD5
    653dcbf8370feb36fe5beecd6be068a2
    SHA1
    36d52ff5cba385f806720782536ea2f6ce54cbd4
    SHA256
    8a606e5c291d719fef7e382925417e5a408f4fe8a72d085543011475dda86b11
    SHA512
    bbc2bae50e36a67077c003dd5fda1bf738aac41b1e69985ed0e71060da6d96b9741caa435498bb99c72d8c3e1a0b4e199e26e6fecc86c4a9e57226a4eac3a61c