Overview

overview

7

Static

static

10

eblagh.apk

android-9-x86

7

eblagh.apk

android-10-x64

6

eblagh.apk

android-11-x64

7

Analysis

  • max time kernel
    3616706s
  • max time network
    163s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • submitted
    26-08-2022 00:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eblagh.apk

  • Size

    2.1MB

  • MD5

    4118d3586b4a257476085f7d61fbaf0f

  • SHA1

    99e17190f50350433d45e1b1dde5e44800521e2c

  • SHA256

    cb1604c4c5be8b074c3738abf22c979033e76ed736822617865500a99e5d3dd4

  • SHA512

    3089f1b60c40c3cdd4ab3fe6278cbbd1ee98be4018e1ed90d1f0c9a1b55e2e78183bfc0471e30363cf5f9f54d172e8181aa5bb54e5d39e35aa09df29590e229f

  • SSDEEP

    49152:x/vp2ugmzU9BhzZzFnsPBomkcuZCirAMsdU03KZwHY:ZBu6UVzZzxsPBo5cuA0ACWKZw4

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.

Processes

  • www.devil.ir
    1⤵
      PID:4779
      • ping -c 2 -W 10 -v google.com
        2⤵
          PID:4908

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/www.devil.ir/cache/1
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit

      • /data/user/0/www.devil.ir/cache/~test.test
        Filesize

        4B

        MD5

        098f6bcd4621d373cade4e832627b4f6

        SHA1

        a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

        SHA256

        9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

        SHA512

        ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

        Download Submit

      • /data/user/0/www.devil.ir/databases/google_app_measurement_local.db
        Filesize

        88KB

        MD5

        7bd7e08b7c157fb7a04f9701b6965b65

        SHA1

        19ed78cffffd879509071b091ba60776c18e8d97

        SHA256

        c3aa0e8a52b6dcae0f988502bb3887f94c13148a8f36c3fcf5036c7c99afbdbc

        SHA512

        a668c141cd4d48396e9d67e79ec1036a8ad4498293e0f16d108e8c4d842f76714f561bbe440a3a5dbcfb6b7ade257ffed7fa07c56566c8ea938589c61943d4cb

        Download Submit

      • /data/user/0/www.devil.ir/databases/google_app_measurement_local.db-journal
        Filesize

        1KB

        MD5

        22e64b8f3a56c007bac7ae18cfcce752

        SHA1

        e098e05e47a642b36d7af4d3e6ef41976d56854c

        SHA256

        f55c80f0f5cbc8d6929105209cdb28074eccd04669fc8fe142d702f814534328

        SHA512

        0743c345f5e1db2a612a677ec592f333283a25e8a05c3979f6a61450630a83ce61c4f9676f1ee18ad0314dc962370aa53dfab6ce22a535b70f26af54a9c24240

        Download Submit

      • /data/user/0/www.devil.ir/files/PersistedInstallation235679196042916309tmp
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit

      • /data/user/0/www.devil.ir/files/PersistedInstallation5298934728702535936tmp
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit

      • /data/user/0/www.devil.ir/files/generatefid.lock
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit

      • /data/user/0/www.devil.ir/no_backup/com.google.android.gms.appid-no-backup
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/FirebaseAppHeartBeat.xml
        Filesize

        239B

        MD5

        73fefe71353431421685a22e92aac2cb

        SHA1

        60da6aa4b400d386132a9698e01fc26057792122

        SHA256

        a81e1ff5280c7fe4fa71e60cb54463d5d5b975267ba4010ae84e01006e1893f6

        SHA512

        cb3b9873a7ae92f356c9e0f7b659556afe6335ebfd66e4d8cd3de8e5cfadf3297c3404d2a7f9f870f5a8cd655a8e056ac97d9412e003cdaab3f37a0a145bfd3b

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/FirebaseAppHeartBeat.xml
        Filesize

        134B

        MD5

        3cffe1f9aa4e45b1e860feb454ea1ea6

        SHA1

        9a29c016b6cebe3ebd80bc879a31e8c763c58c5f

        SHA256

        54282da7063130ce7355dc9b004b9f719d87dc4749b9e6c030cc4a439254b349

        SHA512

        938c2bccdefd5d62bd7657d1c94cb067ab917dac0507a5679b4bf4e9a5b1921e8bad9f3c7fd31212153296e810afad1da58c1e8470d7fb58054259a23a736af2

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/FirebaseAppHeartBeat.xml
        Filesize

        188B

        MD5

        5b5dd9183a0e8eae830e67a525e9a4b1

        SHA1

        fa0b75369e357f4f5e5dbb69c69b22fd729f47ac

        SHA256

        1e2e197d2e83dcf6219f41197abd47e4dc9f3461721cb7cf9bf84e15bb5f79fd

        SHA512

        1057ce04af680859bb8ea498239eb1e98df506841c8444275e749fedcab8e86e63af8ed5393dc8af2509f7cac2de89235e29e2382a1460030c9575f53c3d9465

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.appid.xml
        Filesize

        192B

        MD5

        a1f07ff7020f248ba67a1f61313d05d7

        SHA1

        37edf42c15a8fac6a797f07ae95604b5734ee7ea

        SHA256

        561a56e170c211d0d7a6f81ce1899794da0629abc2407ecbe4914e19312ad620

        SHA512

        4e7e8185f2b5922edf74d429aae83e355c386f94dc82c902fb68da0c7da87d93cb91613fc9565411dbfe145d671fa102a94d19742411ffb25c2afe891250151b

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.appid.xml
        Filesize

        507B

        MD5

        dfc34ba0473328b1139b519118bad47a

        SHA1

        3a1f6715fcba15f17925cc64979a07b6f28fa1bc

        SHA256

        c226c35e0c7b73cdfa47ffa93792ffe1de20ce8d1cd1d9e515dccb4e22452243

        SHA512

        2da6b19b0c10ea2b9ececd28e6ec411ef5a67eaa22c90f7b1b2b9d78ac6e51e9cd6b148041051033f783934cbb4f527c46182cd2e1b67fb8a2db664b7f5d2f82

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.appid.xml
        Filesize

        567B

        MD5

        c8ea927b86b6b061e0f44dfd1ab65e0e

        SHA1

        6bbb8a36d03bc1bb1d0246ba9e5da870612dd22b

        SHA256

        54cfdf272b967421756ae8bff5bf9d8480306c7b5dd8bf6a772d9c15c9cddc25

        SHA512

        78248eb6754b7a61c148aec6d7dd3fcbb0f5ff8f7f1c076bb5de2a02b1f70ad4fea1ed524362a393746a102b4f51f66818b5bf6f73b29202b17059b4d0b47a65

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.appid.xml
        Filesize

        558B

        MD5

        8cf6213fa21eba87b0b36dc71308784b

        SHA1

        2aeb6953d9b22bd8aed0e70a45c11430ee62f17c

        SHA256

        9e9e0799bbbe528ec2c5e5b24e416411bd825f104add78950e21e6e585386e63

        SHA512

        6c9df19fc465b85760a8c3e80b3408820d2b3a88b0f7b8b4224e34ca30a39de78b0da1b43eba1d128e668491c03863566bc58a9e76d84858afe6d0017a7f1aa8

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.measurement.prefs.xml
        Filesize

        607B

        MD5

        4ce80baa45a2354db058bf9e4dbe6034

        SHA1

        f590eeb9046f385ab01a30f4519ebbad969f802b

        SHA256

        98694c293afaa6c8cd7c1af0bbabf49887251e32b53a96918b2e0e40a0954305

        SHA512

        fde29d1a26db889ad845572e93dd7b8dcc7405de84bca8572072fbef4b66298ea81b59a30c7e719a5b234b71e4a080d89d6e9f82a62c3a87a4ced684e17f6d8f

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.measurement.prefs.xml
        Filesize

        719B

        MD5

        2d8bf9c1db9f060c9368914fadf1ba2e

        SHA1

        bbad9df059ccb1a793191c0be5809d065dc88b43

        SHA256

        4f62756076a2977f42d0aee9cdfff945c818cb1c27aaab23894ce35857f95be6

        SHA512

        13815d123eb93f0e31afacaa45de0d133e996cca29c5bcab7e5e26a2cc4a9baaecef3004ccfe1ed689ea4673777f195b051bdb73e056ecab868188194596a7a4

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.measurement.prefs.xml
        Filesize

        796B

        MD5

        2d6bd7d9b8e4d0784b51091de54c70bc

        SHA1

        5c2249000a2f62f847d7721ffbe97b534472d3f2

        SHA256

        cc3b47154064fca396ec076260cfaf8d0b31a2e7d1d27967010436dffd6aca09

        SHA512

        29578646ee71ef2e0c6fa8f717b9fd2c4bcd7bd3c259eb9e1753f5ebe49bc1b36e1f11ebc2c9577f6c3de277279e7e8268775da33c970b5f914a09e8e56b7286

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.measurement.prefs.xml
        Filesize

        122B

        MD5

        250b4caeba60ddf53228405750ba66ca

        SHA1

        422ab714feb34e9f3b4f1cbe669887bcd581ddb1

        SHA256

        2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

        SHA512

        373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

        Download Submit

      • /data/user/0/www.devil.ir/shared_prefs/com.google.android.gms.measurement.prefs.xml
        Filesize

        395B

        MD5

        e7ccad1e163b19821a271d963b24129c

        SHA1

        fb32e6fc19b100a247da0dd09300f3dc16bebaec

        SHA256

        d9edff3632a025bd50a66d7ddecd93f9f0d74b4122e2b2763da88c8ff67c2ce1

        SHA512

        efbc09366a1217acd0d24159e293c49db426b5023bdf0eca5b2365926c35197db60da87439fced174c500e630ff6146d80e8cdbc3e5fb96ecca04a1ca33ed09c

        Download Submit