Overview

overview

7

Static

static

7

faf2adf8b9...44.apk

android-9-x86

7

Analysis

  • max time kernel
    3138556s
  • max time network
    13s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27/11/2022, 03:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    faf2adf8b98c70b37eb085eb87f0cb818839ebf07b49e2707fd0c44c064d0344.apk

  • Size

    2.3MB

  • MD5

    c9bcfbe7b7e7e7b9e829f3efac2c172b

  • SHA1

    4065a04829b5067e5ab1fde61825889afec60f2a

  • SHA256

    faf2adf8b98c70b37eb085eb87f0cb818839ebf07b49e2707fd0c44c064d0344

  • SHA512

    4b78b70f94b4b04eaa89f980a4445e2bd9f85d0dab3358849b249f585acf06919b58af808504b18a07eb2f8fb552fd9d9bc8c7f71150d1b9e7e5a99f3b84d785

  • SSDEEP

    49152:Ilkqx722ZvUCLF82xC+pONsNJWhRq+MWou7RvHVSVnjpg0HRVYm1Oepboj:IlkwSQvrC2xnEsNJMYKRHVSVnjC0H8my

Score
7/10

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • bn.kabfue.l.w15f859bbc748b.jb05
    1⤵
    • Loads dropped Dex/Jar
    PID:4038
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/files/f919b40b8751fb30ae91881b02b9ec18.apk --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/files/oat/x86/f919b40b8751fb30ae91881b02b9ec18.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4135
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/ecbc9149b41f08b23aac3396bb6d2dcf.apk --output-vdex-fd=48 --oat-fd=49 --oat-location=/data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/oat/x86/ecbc9149b41f08b23aac3396bb6d2dcf.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4223

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/files/f919b40b8751fb30ae91881b02b9ec18.apk
          Filesize

          86KB

          MD5

          bb5a6a8c59cb5e0cbd561a2f63d2a5e2

          SHA1

          2989a02e08c48f5ad621700b9ff3d2d163e3c242

          SHA256

          82ee464b198c21d2daa4b69d8018c21a31fd2e14a70ec500cafc2167c5d510fd

          SHA512

          c8b1c684b1c1e0f910a1868fd155328351613e6d286fee5de6335d361971855fa104fb3fc9d8a285ebc9b2ab08021ea618bdd1645439bbac84b17fd73981c96b

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/files/f919b40b8751fb30ae91881b02b9ec18.apk
          Filesize

          239KB

          MD5

          59dc955f00f9cb83becb567dcfbdb3af

          SHA1

          ece9f07c14e3aa9f3c5a97a85adc0e9fbdd39dea

          SHA256

          e95d29732d05fc02569e7d5760a329dcbee274c2a714993130e37dbf30a5b057

          SHA512

          c9b1428865632e943381f09e196cfd18ed28e69d0393559dd9e94454e812a6d9c335ce2cfc974fcd3cd6eadac54c79570814dc91958f77a6885e7582ddecb57d

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/files/f919b40b8751fb30ae91881b02b9ec18.apk
          Filesize

          239KB

          MD5

          578ba14d576057f5fb0262abec82ff47

          SHA1

          e270bb694a5c4aa8155df8c1897765eae2ae1917

          SHA256

          00ce791b710a3c9970bc0c64337fe2a6f327a192998dee424c5546bc849acfa7

          SHA512

          750d8e50dac71c7a3add1fcab51bdd11ea1ab605a9a26fcf9f3c94635695e2966740af5f2a3988544b40a16f9f9bd48b6310633b8596d7167478acb6269247f1

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/ecbc9149b41f08b23aac3396bb6d2dcf.apk
          Filesize

          1.3MB

          MD5

          bf15f4fc526a326d7e44c1b696310bcd

          SHA1

          c7b7a99c770bf29d51c7d4e7db2e4cf433f2662b

          SHA256

          6ec14805c69795bf3e352bc04866066983464d340d3bf54abefb71dbc68e3a42

          SHA512

          8a141ee5ea71679f85349a75a06e017c602dac333ac500f33d169a4c0269583096de3f8b7a32afcab969ee25c3453768d4f627ea8cd2abcfc6584d833ad821cf

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/ecbc9149b41f08b23aac3396bb6d2dcf.apk
          Filesize

          1.0MB

          MD5

          dd9d574c4e57f33ce54ccf4959493f92

          SHA1

          d571e50d33f326292e07d17f4ea3390e283dc1ce

          SHA256

          76bf49da5c0f6134736ac2654aeb34648a502ff5bb4f1bd81e4dcc8105465243

          SHA512

          e74e7e3ae560929037a6cae088f5b9db0c16ae73f86450301054d9237dc7e0a530f62ee970f8ce01a151cb37472ecfbbc7abe07e73d9ce6059624a1f114a0d3c

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/ecbc9149b41f08b23aac3396bb6d2dcf.apk
          Filesize

          1.0MB

          MD5

          4e65a92079f9f69999e8d9e566842120

          SHA1

          2bf6ec0117ff84c06465719a2baa48fe182a43bb

          SHA256

          c7bd3441cdaa5d9858c51c3b54ac18372e949100067a085a3c17ece4aa3d1128

          SHA512

          ef35b4e41123475b55d9115de44a3d5b78270682312260710a97d089624cc4d752b3d805e6979140c10e57b2a5b2d1f5378c9abe0c1eb5ee77e874e13e20af05

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/lib/libegamepay_ext.so
          Filesize

          277KB

          MD5

          c7f239cb465bef6cfdee8f7d282909d7

          SHA1

          61f12e232645ba7934b55fa8c9ebbe8fa2868681

          SHA256

          3c3d2b00c1d51e8bc73c983de1ed2740d8ef57099bda003f18302be6c3fe48da

          SHA512

          a66408355bcd0d694f52e7588de6c3b6ac81330ef9fa8aee21888a27aceeaad262f621a13e4721a940c040d4e817b3b0a83f77a3c81ee7d349330274ba856aef

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/realshell/lib/libmy-ndk.so
          Filesize

          269KB

          MD5

          eb80286aae6777eb1b0fb1c90eeb46f5

          SHA1

          012bcbbba87423fdfbcf87e05de05df36d111c68

          SHA256

          05d03d287fec8e49aae5528cc9fcc5dea2310be98e9aab3182be08dfa95245e9

          SHA512

          bf711a12a52df837e6f155c6417e09fda6792f61773b909b6d2521991236112f71334314f7266719a8606f2f00ff192d349eecdc7ebe4b6577e6e06ac5e90c66

          Download Submit

        • /data/user/0/bn.kabfue.l.w15f859bbc748b.jb05/shared_prefs/APP_START_TIMER_INFO.xml
          Filesize

          117B

          MD5

          73fdb9755ede5df09e68574977348487

          SHA1

          a36514d29173333f92345e8660137dfaf35fd3af

          SHA256

          f94cf7487f5fafdc2eb3b9a720687771316c38f2c2aae294c0933a5e292dbffb

          SHA512

          704a94b5555e2ba0b42f8ab0f0ad6d7bb64572cdaf8a5d899d127ed20726a64dd4a411d8ad9ed6246f8050687b5115f94cc12c1d55b5dc5b0fb320d4f1cda36a

          Download Submit