Analysis

  • max time kernel
    3590956s
  • max time network
    27s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • submitted
    25-08-2022 17:25

General

  • Target

    gen_signed4.apk

  • Size

    3.3MB

  • MD5

    464f4806e8af7556c5a9d8d05c1c0374

  • SHA1

    301180365d843785ac00f6041fd953f8d064d7bc

  • SHA256

    3704a4bea4687f28c981c063f2561f6453ae7a1a85b4e866790275941151c612

  • SHA512

    37e9290b58eb2f559d7574b7cae8516cef63358c1de7506b60b4028b16b96a40c322ee85d53ad95dc7563bcb8fab4f4b928c555565b1404524a18813520754b1

  • SSDEEP

    98304:QEVF6aL7fDW3v0AMYfccAczVrqTXXXOk4hlU3cIp+4ij:Q46x3vKcA6VaJ8U3p+Rj

Score
7/10

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.shz.shzkisi
    1⤵
    • Acquires the wake lock.
    PID:4536
    • ping -c 2 -W 10 -v google.com
      2⤵
        PID:4597

Network

MITRE ATT&CK Matrix

Downloads

    • /data/user/0/ir.shz.shzkisi/cache/~test.test

      Filesize

      4B

      MD5

      098f6bcd4621d373cade4e832627b4f6

      SHA1

      a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

      SHA256

      9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

      SHA512

      ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

    • /data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      88KB

      MD5

      8dfcfdcef5a9793fb83bda404ec3f42b

      SHA1

      dd02caf5757e9fdaf184ab299c45e4c92ab3ae4b

      SHA256

      a59674cc863d7e977b030c7047072dc4c6d5ada1257917574fe184d886042cd2

      SHA512

      e04d1892c052fc3766881d3f21e26961714e575766cb316bcada34cce49cf6e17eb26c3fbdee0038ed2c75da0a9cab99e0e3e78374be20ce2790cc0d0d9cd807

    • /data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

      Filesize

      1KB

      MD5

      b1efb60bd432bc3fc56044fab228e7dd

      SHA1

      a528ffcf4051af90e51bca80be9a5263425553c2

      SHA256

      6f11c84c5d9e74017347e758513db004c9909b978897ac2a1c6a38fed5c0c41e

      SHA512

      53363d165de2fe21013fcee67ccaaf5ddb72a2fab7bc337ecc77425860782d5d0fa7e109942caaf3ef51d1dfea2f300046ed6f655176770bfe0ac296011ca188

    • /data/user/0/ir.shz.shzkisi/files/PersistedInstallation419247040383966181tmp

      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/ir.shz.shzkisi/files/PersistedInstallation6372136036147411426tmp

      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/ir.shz.shzkisi/files/generatefid.lock

      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/ir.shz.shzkisi/no_backup/com.google.android.gms.appid-no-backup

      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml

      Filesize

      239B

      MD5

      c924774d9e7b35461708db439b7c1d63

      SHA1

      768cfa6d98de416daaea5162abbcedb422a02630

      SHA256

      a6254388d361e160f20202d73ccef9f3806baab2b2d6a2008ef16502876ca3e0

      SHA512

      ef313526d77b743ea513309c5e90c77a8dc70ec6b8060fc84962423ae7f2203955aabd5c2edf72187e94095fc2758c55a6db5854a3029280334f41fa74359d50

    • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml

      Filesize

      134B

      MD5

      35999a2fc01821caa235bc3be5ca55fb

      SHA1

      0d4e6285f54fbc0e84e21d5ecce9021d5269be57

      SHA256

      9274f564539eeec8be3331f004b936797d11392b0429c393407e81f4fee0f2e3

      SHA512

      24f158519f3059c7030acf49ff2ca23770a947a35e87fb210aa1b01c40ed88cdd413c4334be68c03fd8b8e2b0f8b7cce6258fa5e702350b411131ab41d3445ff

    • /data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml

      Filesize

      188B

      MD5

      0b26a24962266aed2854f7642511978c

      SHA1

      072caa384ae9d2cb2cecb431c9b65e9c39499b58

      SHA256

      ae0ab88bc9298e96cd5efcfa4ccd0807821d85299185669b0af55fe47f01b32b

      SHA512

      ff377dcf4addf3d9f5cd4872382be93c453e30ef3ecb1b803dd53a07ec61969e1215f11aab33e991f91f9e34533565c5bc239434ad22089ca61ace693508d98e

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml

      Filesize

      192B

      MD5

      f674454aee75ee0a2286b7ed156861d8

      SHA1

      a845898683c23d3d75198b77b5bf9848d4980f38

      SHA256

      65446a999d1c0e33442ed4d0229432267f995593d758981b05c741880a3c26cf

      SHA512

      e9fd13aff83a9e45a4aaa39bdcdd0b54d6f0962bda86e243b363067cedb6ec432468ae1499a3a7cd4cdb59e852e583fa2c5301132cde9212bd2201702de15301

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml

      Filesize

      507B

      MD5

      8836ac7a06925e9747c55960a8f80ae9

      SHA1

      e84dc097137bcc045fd3ebb6d373c508008162d2

      SHA256

      d13b43633347b9f223ca6baf89f98d5ecafd84f0421e9365bbb31688677e647e

      SHA512

      a779bec9627350766337099db6cd14c802a3b1ab684cf2973c75b6849774590cc3a5dfc1b94a0ec752d9fbb00053f3f197ec8ea15e321d6c0ed1e80c706a0cd3

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml

      Filesize

      565B

      MD5

      5d36927bf4aa845ac75d7412ae8a83d8

      SHA1

      174a75fe3f887201675beefaadbb8f75714f62df

      SHA256

      fdfccafc60e874a7a875f6ff2253ba70227b05e65f9238e318c34ea2b79652cd

      SHA512

      6a3db997ad8142715029deff998d2428ab2a1c3e80797bd9b9c39216e313baa21d90ecf089bbc0aebd2b2c3d2e37ad75a1cd24ac532dfb89ae90632257297f6d

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml

      Filesize

      558B

      MD5

      fbaa214f841da4da76dbdd7addf968a8

      SHA1

      17dae5726201f68a8de4aff3074c90b081b9ddca

      SHA256

      e65c30533e33a3312aaaa58d1763aa424e1c1e35cd79ca97c544d6d29805a09c

      SHA512

      3dd895020d35f9983113100d46eea2fcf34be5913f56863e34672c5f8e59536ede9d2b4b3e4707199a3717c5dc0312530bc6f63f3c8ae89754cac7064b81ca0e

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      606B

      MD5

      4acbbfbc61cd7a88d4fe0f4eda5b139a

      SHA1

      1f9b8d0b4619d75da7786579d43ab4106da4cfb0

      SHA256

      9108dad751f5dda75d698b5995ccb388f2ad770723a766707b7bc2d279a1967b

      SHA512

      95cff069554f438fe913e0d3fb6d1a8b797eed510c502be30d3e132b2cdc128d6013bb98cf54389166310eaecc882ffcd4307087ab23eab5c36942f220419aa2

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      607B

      MD5

      c3b38133ab156961d9ca7b6bac7f6b13

      SHA1

      91250db70e36a1898780a3e7aa14c5387b12c45f

      SHA256

      ea58d0cb1078adf173e1c1a9fcc180b0590c1c9c1e01221e267006deccc769ba

      SHA512

      a7bb37d4f088ac11a4d49799bb954e0b5131250056da37a808aea1337ce1f6845cbf8becb0be158507eb88a2440c9e9d199d8776c30f280fcdccda7368465bdd

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      665B

      MD5

      f14d58f283827b15e73faa44ad0b01e2

      SHA1

      3152d35281ec08053194e4767ae6c73e29e665c7

      SHA256

      737967deb55026e2c96eed93a73f3b73ed9010b85afc1326352d0ea628f36473

      SHA512

      db6e5a834229ba0ad02267fe9c1ee0b5ba46e53b6362d6b0989f10127b4b29501b3d2294b92776fb1ec7d071437e0171bfeffa947ac19b5344508887f488db81

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      719B

      MD5

      62aefd6316b62cb1973ef043f35a0d88

      SHA1

      cf616a10f3e30c79da7e3c9e891ff1283262693d

      SHA256

      c57fe29cb59400b530720891fc9f845d5f51140f221a55a19a38a68465467208

      SHA512

      24ebee1d19271883a976556074bffb217a5bbc9042e5bf6fca8b8f3c7dd9976436f764f6f8f5f6b6b48fefcb060c5216165e67f3d91f439e3a3249b6f4abe05b

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      796B

      MD5

      cc091f298ea5660084428593afcec892

      SHA1

      6696fa84491e13b1dc7ea9ffc3536fa94a0b86c0

      SHA256

      230ee8e790d3f381753a98975fb5d95f489f7683504f5067a1d64c9c612c0327

      SHA512

      acabce099ca1ad91152d062248f871dc09cfbfffdd067f722be5d4c254da39052cd06f87184e1203c8480a421276f04af50729c3814d655b97312ca29bd2d6da

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      122B

      MD5

      250b4caeba60ddf53228405750ba66ca

      SHA1

      422ab714feb34e9f3b4f1cbe669887bcd581ddb1

      SHA256

      2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

      SHA512

      373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

    • /data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml

      Filesize

      395B

      MD5

      63f33ddd301f710d0d1cb4d97ff5a05c

      SHA1

      45cf5c08a9ea6e7cf537a15611ab9e18e381a187

      SHA256

      d2dc19811f9c1f0927fda53af7adafb909b6d9a02d9f37f480179e14896c0993

      SHA512

      a4f574db9b2116bf1fa24502395897839b2a57f3c82fde905966a269cc60f8f32234468f157e167348f9784750c17cf54ba867681c29f1997d81e3f383aa9243