0a7f1045c39b6b02c58d133ef20566288689a51e863f59626d2c48e61d14cd79

Resubmissions

30-08-2022 12:18

220830-pgsgrsggaq 10

12-07-2022 11:07

220712-m77chafdel 7

Analysis

max time kernel
4004803s
max time network
264s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
30-08-2022 12:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

hermit_e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3.apk
Size

2.9MB
MD5

db253c49fa9375e6eaa7f23661c58554
SHA1

527141e1ee5d76b55b7c7640f7dcf222cb93e010
SHA256

e38d7ba21a48ad32963bfe6cb0203afe0839eca9a73268a67422109da282eae3
SHA512

e15c29a45813977896487240692c5286053ca4e63f8da92709e4ea56ec354a039fcd5fe8168076da9d2e718cd89704e117e4ea690f5102383253f94f24ac362d
SSDEEP

49152:3wAIKVFQuVh59r9VWEOxeoRPipEauRMQ7QqyGdZEdyqDVNdo:3LTH9rXxOxnuETQL5zDV7o

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.androidservices.support

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.androidservices.support

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.androidservices.support

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

Processes:

com.androidservices.support

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.androidservices.support
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.androidservices.support

Acquires the wake lock. 1 IoCs

Processes:

com.androidservices.support

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.androidservices.support
Reads information about phone network operator.
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
evasion

Processes:

com.androidservices.support

description ioc process

Intent action android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS com.androidservices.support

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.androidservices.support

description	ioc	process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.androidservices.support

com.androidservices.support
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Requests cell location
- Acquires the wake lock.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.androidservices.support/app_webview/.com.google.Chrome.Rrw0gJ

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/Cookies

Filesize
64KB

MD5
dfb2098ca7b3bf16d6f5f1e7d3839af5

SHA1
ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d

SHA256
e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224

SHA512
fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/Cookies-journal

Filesize
1KB

MD5
8b42e70f0398e00c55d60533ca1d8e4f

SHA1
e5bf00e1a1cf85cde5985f815dabec7254581064

SHA256
2f892b5ac883c29a083c1333dfd569dac5250e3272f391986eb9627a0ff7ef1a

SHA512
24bd1a4abb6b3c14cf7e4694ebe45af85e77b7cda05124eb0303a6439892ceb367e9f6f3bf928699ad9405228eddf955e95c7d9d27863fad0f2c2d3fa8bdf66e

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
cc0c9469e3a62b6f39142de506e992b9

SHA1
a4ff58ac1ea6168d18223734ba9ae5e1f3aa97f7

SHA256
af9fcdac65632dec73795484dcff3034cd057529be582ac024ebb7d279c5a00a

SHA512
3cbdbfb1060bcc23001e841a681fce860413c1a8df0fa3ef6846aca5446eb891708df68c6e144f8396bf4583c72cb0daf2d09c46f788ab3988f61e5598c42ba1

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.androidservices.support/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
7c5843a34fd4ed43677963b0ae40f5d6

SHA1
0cc06d1c73bebe8df191de46ffc6b99f0f0497f0

SHA256
ff12fe38543ea37445f458b05d278e4883c773dd62892d5c218decd2fa85aded

SHA512
ebae7ea29d9077e5709ac49349a224eba161a3bd5fc31cde559c912181b77b8ceea6780ea2704bd2bdb4c90d39ffce972f1be7096d4b09c283286b61e958fad6

Download Submit
/data/user/0/com.androidservices.support/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/app_webview/webview_data.lock

Filesize
33B

MD5
87bdf6c3692fdc3bcb19171d1889bc00

SHA1
b54313b277431e6b85670755c9000dc15d0530b3

SHA256
b7dfcfbab09b9323bf85d480597e73617b205f84b961801ad35be5ddadb7c681

SHA512
d8fbb8a2013e0f03db3cc02819c1d2ba3469335f693271318480fa5fd408dd9627a1773731e058b6a5134a62be9ecc0e69baa13a921365a4b5ef04a8cdb83df9

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
5b7c71493fb915d74ae5e7cc1e4243be

SHA1
eaa7fb2cc58c56d09897531173d76561acc22201

SHA256
23a37b6fb8102bd9ea3e17a1d5de3d8146cec6510bf0a44a86199e836ef07e8a

SHA512
e9e029a5ca61395bbd98c7e17804e724d958c8b14681f2e9e2981dab8abd42342d5cc7434d659ccee636094167b280f541d842d528f5c634968979d9851b1404

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/77e371dbde913892_0

Filesize
264B

MD5
29de0bfd9055e2842aa0a48bdea70ed8

SHA1
4aed1fa1d744936552efad28952db81079ccffd1

SHA256
bde727ead6285f7f80d44ac0d38efe80ef1e677dfe23e8f2cf4c418b46bc74e8

SHA512
51d608f072afb30ccf5ca60ef875af143153bc0449fc50409745d3fe21f87e8c3cc626351342b3ef7199f5885c52caf7df14b37c014602483d8b7f90f6895680

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
dd8e35fea83778c0d7b35dbef0d1819b

SHA1
4af74298e40cdf3a51a37d00983abbb0afcd1134

SHA256
3673ba6ca834471292c575684eb4d87519fea29a7c8dbbc6f5e8b59ed0308d5c

SHA512
d5e7548351bcb32a474680f99344fe78917c6e5dc85b7c791d2815d3bb930bde4618750155087ce098df3bdc9d4bcab6a4ecf2b6874f71c47a0029c2c8d2807b

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
1a9739e2ba9dab67ab3dd9159a493b82

SHA1
dcc5e2a5009a3ab9293642d3cb93f32063129923

SHA256
ed3082ae927e2575eec519e6ef61f198f230d35b08cec6953fbed530a3512550

SHA512
9cb0268a710b816b61c71e9197f211824aae3c18df5ec7bc675531a215c08bb50fa490400fba139373b9a995761b4f3e1a5c34652ab451cf2085acb21511a3fb

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
144B

MD5
a1632e34832077f8d70cbc41a57496e1

SHA1
f4bf994ed3b2b4434055c6226d77c51add42ee3d

SHA256
985560693ea45bba70e065f20d8978c06e789fc0075b81c2d15ecd5ae10900b7

SHA512
5771303936832fa50fcda9c48c12a43c657fd0ec776298ce7631da7c734c80b11b15f6e4bea19f80d2936bcdb8e96c235f7c377aec734a2fed3996c8781a6809

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
96B

MD5
4f8282f5737188eab4272f258c64906f

SHA1
05c43f4618adffeb509abca6824312c60e5cad90

SHA256
e51f6c37128f29f4212ef01cf7f700c752f7290b427cf2cee6c12e665bb6635c

SHA512
d6d0be14f768c2e8918f8dc9a6c455475df6b837288d995f29f8c3a75e1863a90d10a296ac189bfb43bb91a45cc7b055ec535b93693814c2db4cfdaa8126aa1c

Download Submit
/data/user/0/com.androidservices.support/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.androidservices.support/databases/com.google.android.datatransport.events

Filesize
112KB

MD5
42234a0297173062f6ed764ca6c0208c

SHA1
d8105d91e5557e0392dc749fbac6974d2daed956

SHA256
7265e8650b06d78c24ca70a41564680abfe6e529ce6ff5f5aa7504caf9113dc6

SHA512
001960aca53baf55b045b0b1d1f8609d1d614bb145306da3d8eca698d33d3a6d5b66a81cedb8a581b7e0a9fa97349b0ce0b19113564ecfcc41ba95201b871f53

Download Submit
/data/user/0/com.androidservices.support/databases/com.google.android.datatransport.events-journal

Filesize
1KB

MD5
737214593b4488b5969cadf432dcc67d

SHA1
d20683e3ccc20a9adbab5d21be0746b85f758250

SHA256
4412e5f53c38de5b2d7411d3aed87282be87b1c6672f5f04f2a77233023d8581

SHA512
af13a50e74f10c50ee40ba1f1ae8ec2bd01e102e6b590366bd800525fc605a724aa712f764064a3190ea19e741d0305ea13534848a3d4eecb8ff2d730fb9d86d

Download Submit
/data/user/0/com.androidservices.support/files/PersistedInstallation1626651821690360429tmp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/files/PersistedInstallation1976443805773637926tmp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/files/generatefid.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/no_backup/com.google.android.gms.appid-no-backup

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/com.androidservices.support_preferences.xml

Filesize
125B

MD5
09833299edaa38319cc4f1788436b893

SHA1
8a5349984031d698364987fea0cc83cb9db7d992

SHA256
2f6a332db70747ee4117aec031727407afd15da6552b92a7d92b04019ae5ad61

SHA512
292a6fc5324b2d1c55daa166726290e4171eda89e7918a278611e62d384169fd39af5a80d010520c55b32bced3c8d81ddd53fb2dcac13f2d1cbbcb5376a1fd48

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/com.androidservices.support_preferences.xml

Filesize
171B

MD5
8d16c9b405b0171ec1b03a7f81dd1f4c

SHA1
874fd564454c39602b2c07384b697b4eb520dfc1

SHA256
cb1cc07de2e09c397ff243d7f037d96afa8ac91e4bb6c2c38a8522d36270bf95

SHA512
0bdeaa7e4ddbea8fd5a31733e76bffa181c5e8fdcefabfd7c32f4c9b5361e51e24ae2a92ae83ed33a0977bf7315c4f3e84e48a97a9427490ce444d543118ef91

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/com.androidservices.support_preferences.xml

Filesize
302B

MD5
4d9180372e3c82933e66d1210fd7e194

SHA1
da4031b86e558965e19c967d5944bdc0f0d8d9f6

SHA256
0e64c39f0f9ea87a7d528e9c9fcd2452a3736e2803894f6fd923d1e39a2b1921

SHA512
3d69ea56554ecb5eb4dd771061720c96171cb95a1c1adc45fccc80a13aa2fdcf654acbfea0a41502178301297990132a19cb5531bb9595f0965f853f6ecfcbf9

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/com.androidservices.support_preferences.xml

Filesize
355B

MD5
6542262e0e8e7e9632400bab8913bcb1

SHA1
d831e2622a86ba9ef1d0eae86fe2211836514a81

SHA256
66d04608eb17edf928bf80e17e7d245862c307ee68dd8cf5dddb520d8621d276

SHA512
04f030da5626cd4706162e874da7ab809610a843b37d1279c0da48827d18084bd3a30f40c0d67aa859c7e18c120fe12de42eca28df6fe5a36592e15a30bbccd1

Download Submit
/data/user/0/com.androidservices.support/shared_prefs/com.androidservices.support_preferences.xml

Filesize
428B

MD5
863ab3692233842357814eadb1c78fa9

SHA1
f01ffa74d35d3995b13f5906194c5c63834e24b3

SHA256
86bd4689dbafb2bd7c72eb5416c2ba9e7f54cc18e63f2cf36aaa83106db9405d

SHA512
e2e027485d261b8f5015a7bce009913687d85c2157fbd210cf9b2d18041d1beb1d057b4dba251a86c8ecbe252ef2d6dddb99a5012ca0aac5d6884685691b9716

Download Submit
/data/user_de/0/com.androidservices.support/shared_prefs/move_to_de_records.xml

Filesize
128B

MD5
0e777fa46dc7b378b14a465da934467c

SHA1
ab7497b8b32d70c9fc2a5203ab618920d0601253

SHA256
63b2de8ef589db15b161ed905df89532d0b8ecdaeccf08f4771a4a2206089eac

SHA512
f43b46b82842ea2823ebcef50b7677e44c18675b88596e7abc6c090759af93b784c81e74f0f43b7649fa36c5582dc33338c6eeb7f5ef42d8967ad81d54e601e6

Download Submit
/storage/emulated/0/.cache_db05e717695102a349f5e434e8ea8e80/.nomedia

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit