bf3fcdba7148627abfed402d038c99d3b2e60cd87cd04fe22b6ea3aac5ac9151

Resubmissions

04/10/2022, 09:59

221004-lz275saec6 8

26/09/2022, 05:56

17/09/2022, 08:02

06/09/2022, 18:32

06/09/2022, 18:14

Analysis

max time kernel
2725496s
max time network
149s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
04/10/2022, 09:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bf3fcdba7148627abfed402d038c99d3b2e60cd87cd04fe22b6ea3aac5ac9151.apk
Size

4.1MB
MD5

cc551ea1e9bb262a25f25a2f15412905
SHA1

5856d942486d0ef997527591c7ae58b6d6a4bf07
SHA256

bf3fcdba7148627abfed402d038c99d3b2e60cd87cd04fe22b6ea3aac5ac9151
SHA512

8b511c9e9cfd784a0537027c738ae6d4c722f0358814b4fb8089c8302a07320e49990183fd5f6b9006e99e5c1622a17d5f7ef21613c7075761d3386e3cc44f62
SSDEEP

98304:Jeq7CtjZunGGO2mASwWX47tll0FCYHBjnDSY6vkyFmwnM/yd2ofrHS:5ytun3O2mAJRll0F/hLGkyFm//T

Score

8^/10

evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service. 3 IoCs

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.ohalqpdj.discopet
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText	com.ohalqpdj.discopet
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	com.ohalqpdj.discopet

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs

evasion

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.ohalqpdj.discopet

Removes a system notification. 1 IoCs

evasion

description	ioc	Process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.ohalqpdj.discopet

com.ohalqpdj.discopet
1⤵
- Makes use of the framework's Accessibility service.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Removes a system notification.
PID:4069

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ohalqpdj.discopet/app_webview/GPUCache/index

Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/com.ohalqpdj.discopet/app_webview/GPUCache/index-dir/temp-index

Filesize
48B

MD5
36b6a232c7eca6ceb3a1ff1a549e460a

SHA1
6eddc46abad934f2155bc0509317dfd4ea7e8b2b

SHA256
6ace73b75f1c24f64812aa35c6cb5c98fcaa95fe95a418907101a94bc962797b

SHA512
f60a635d36ee805480400970413b91f18cebd34248854687852c31987f1a12d686e0f123e2d15172775b39d4e5eca00f453f2c4c103638a03b1437f3fdeaedb1

Download Submit
/data/user/0/com.ohalqpdj.discopet/app_webview/GPUCache/index-dir/temp-index

Filesize
48B

MD5
63afe7c8cedec56c6c0c15d15406e441

SHA1
cf7f7af57423e59b101f9900a96153aaa2580748

SHA256
78c42c1f2e2f2e81a38c8c2f357b18cdb600882c2f66f23b73b6a7825c2f8605

SHA512
9261ee5243ba21e507e6738ac1ab97b2dc2f51850129ae756bd884bcf43b2f11659acddd1b30bff1add1489b5bd910299ae57cb2fd8634c94e81bcab4a77abca

Download Submit
/data/user/0/com.ohalqpdj.discopet/app_webview/Web Data

Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/com.ohalqpdj.discopet/app_webview/Web Data-journal

Filesize
1KB

MD5
2d18d11d69d60a1e76fc0118f461700d

SHA1
c639ddf43ca152ab14cd4d8d89e73fc9c2c0859e

SHA256
b6305d26ce63cdd8c8851ceef2c0c68c5bf74e814c4b8d6a4820861102d726b5

SHA512
89cde489766a858b0df0ba8c5da33731c9489c962d2e3706f05d05967ee148125e907c98080d74e0dd773fa3fa5083117d8501cdca544b72c441ee7ec45308d5

Download Submit
/data/user/0/com.ohalqpdj.discopet/app_webview/metrics_guid

Filesize
36B

MD5
6883189e9cd672a67de81e2a818a4305

SHA1
9b70174a79fd4c88984b7fbea927907c28d727f5

SHA256
e6cb62683f9f858ae46938f10d2f6ffcc7efbf582de625a1f17d0488e61329f8

SHA512
b0b3131863182788f2379ce9d6c67ab320588bcc2f60557b743bee8988ef67203ac2e15199e2648d5f694422573263b4ccb6b8756a7573f7c5590d4e904f1353

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db

Filesize
40KB

MD5
75c2ae59729503b80670f2d074a28a99

SHA1
9f360db658b651c243ef7f760f1098ed74ecec5a

SHA256
05b44e952f310abd586e375e9d5c98f6a8729ac2c6282398bc5b828bc0365592

SHA512
067e1423bd4e3f2723a310921614ba31196e6787420a007a572583ab9ec028204c495cc186d43bd038a1adf4ba3f51e7322d6f4a9fe1b710eaa258bf6e461038

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-journal

Filesize
524B

MD5
5088aa5729c570d4b2a2faf6dc19df96

SHA1
4c56251173d42b9e4545af01bbabd87efed2459c

SHA256
7a0f0316de73c308a7deedc737492269010430ef92e49e6cc00b68898f53cf47

SHA512
3003425367e8d98a081586f813fde7008cc02c607196e368639b6e9e167d08b63436bedeb0739660d3316fb60cc4aed3e698eca8385cd09e092199e507ba40db

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-wal

Filesize
80KB

MD5
97087f449889cbd86cb05f4b07d8270c

SHA1
6ea24f0b1b41aa467d36062c4f0cf416803640b2

SHA256
0859c5f52b0599d2381258942679299fc3fcac49389313905d366d3f4bb14d5a

SHA512
3d1433b015cfbe720a82e7a133dc5927a5873d4826b3046198d534efb46827a810c7011123cc6d1ee2c88e6f69e1bb95fc34fbbba2c2b1304664ccb3ace08236

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-wal

Filesize
24KB

MD5
227dba94bf74ce128934bfd8b27ba4a8

SHA1
c5644a4651960e454d5d1ebe33ed5d56ee00c3ca

SHA256
9bb87435b235aaa15d610ceff3a9947e5f2b2fe59eae974c274eae4dfda6ab9b

SHA512
7161a5e05cf6894a98113a0de7041c24d188a782757c488c4749c143c44d7db25f94af863302c3a0ecc85db131d5d62ac83fe363f9e67fad7b191afade6b4c36

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-wal

Filesize
20KB

MD5
0b5864988fb3a2e3c7eaa94b51f12dea

SHA1
a6313f6bd906302b008aa19e9f6cdb3617008f76

SHA256
11ae3a74b640df65f74f610fa77060920e5b4cd63a36df9e0a691280d134ce7a

SHA512
0b3bc591ad236bbeb726222611d71fb219c3b9269e1d8bc7a179a4500d023a0f4ce0f4e7b9d952f302744692b1fdef4947950bb6d2b0997eb90c86fc35bc9546

Download Submit
/data/user/0/com.ohalqpdj.discopet/databases/database.db-wal

Filesize
20KB

MD5
25c8ebad4bd740d2af11eaf227da8744

SHA1
26cd44ddb1ce81b9b099d43c971e1a44cc980d93

SHA256
3d514ea0e90795b8ba4abae30e43d3d36e63ea58830ca0859dd981fc6abb4a2c

SHA512
ef06a16cc295839ff30d47a33e9d24d587bb128b2ec40b1384b7d76fa44166b5f88abe795f0ec66fda158c6511ec097a7e7168b07bfee062d76be52dd0aa1142

Download Submit
/data/user/0/com.ohalqpdj.discopet/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.ohalqpdj.discopet/shared_prefs/preferences.xml

Filesize
152B

MD5
9254d2218d8a45f37fa6038ae2da8da0

SHA1
35ef16a6e95994dfb6ad6e0544d425f9a231fde4

SHA256
ffea655bef8844d95725bd7205c8ec35a526175f9d1a6afb012560c107eb2782

SHA512
16578a1043c0ca0c509f5c615c7021e3cdc30cb294f18d6dc50d76fb20b2ca0e43c3e387fb0ed8d74c430f4dcd26210b03fea8340a751202b9dc2fd199a3310f

Download Submit
/data/user/0/com.ohalqpdj.discopet/shared_prefs/preferences.xml

Filesize
398B

MD5
67dc3d324c33f5b28183584884b8046f

SHA1
6c8286c807e08a0cabf3e8111f4ef535f736c289

SHA256
fb02e8d9918597384f164611cfe49f3aecf0c8dfa53b1fc69bae05d327658357

SHA512
b4bdf6fc3203ffe53e7ad9bb8cfc531cde594c51890473a0616f18492006f048d95f10ead2e46946cb67724243289e1f80b9f763a8c497619953a98e1ba53c0c

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads