dad4a7f55953b824e41e845c3fe134eee210bc58c15ad1fa61f310b448e5e74b

Analysis

max time kernel
2797259s
max time network
24s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
12/01/2023, 17:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

adblocker.apk
Size

2.0MB
MD5

9a89ee8b93b1ad4b3fd9420044f59029
SHA1

78b950ae68d768c618ece6c801bbc435e43e1c78
SHA256

dad4a7f55953b824e41e845c3fe134eee210bc58c15ad1fa61f310b448e5e74b
SHA512

1202297894a8b0738745273b786ada0093ff4ebdd53f76b0f4dde25fc050e00093e6b47716682ea853c93988bbf3b6491fdcfbc921b70ee0352773dc6e34f4f6
SSDEEP

49152:tG/tnlORDY45PIhSQasxSpUvdL7wRXNK7K+XaEjK:o5M952SQagiUFPqdX0aEjK

Score

7^/10

evasion

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.footballgame.footballcup.nearme.gamecenter

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex	4127	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/oat/x86/fe768956.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex	4054	com.footballgame.footballcup.nearme.gamecenter

Reads information about phone network operator.

Removes a system notification. 1 IoCs

evasion

description	ioc	Process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.footballgame.footballcup.nearme.gamecenter

com.footballgame.footballcup.nearme.gamecenter
1⤵
- Acquires the wake lock.
- Loads dropped Dex/Jar
- Removes a system notification.
PID:4054
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/oat/x86/fe768956.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4127

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.footballgame.footballcup.nearme.gamecenter/app_webview/Web Data

Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/app_webview/Web Data-journal

Filesize
1KB

MD5
7f6cb4d72d4815a2dc3860e66288ae5b

SHA1
c85f5bac193c7f13328c070f34e81f3450ef869e

SHA256
927a46ccfa95e8b3e117c21d6afa2988ba88545a55ff0b519f4b143c3d61e664

SHA512
c5ba7ad31a08fbc359d400cfce3eef6eb02a07ec5c0bea57964a34ac387cad464c488aa1487f1569c6dbf9191628770b925ad6a366385c0a398fe539a68a9ffd

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/app_webview/metrics_guid

Filesize
36B

MD5
a3f1a8f11b26a2583a5e8114763b1e8a

SHA1
7aeb3790fac5c09ef6ebb4e63175af1e3ff821f2

SHA256
2d589a4b842bee50ecdcc744f03941b660f8a3aafa3eeff38b1f2ab201e9fa7b

SHA512
81b5a8aa248d82bcd7581a13cd4699de544fcce912dcc949e4079fdb922b409bda83bc27452269d4898d044ba85ec3814bdfed225c85577f11869dc15f6cfa8f

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/databases/com.google.android.datatransport.events-journal

Filesize
524B

MD5
71b5fe2ce98e0be610089bb4f9b23457

SHA1
70c55be71362c4c66e2b7f46dd6377e6daa731c3

SHA256
9801449c63b0172c25fef57eaf0dbcaf22fb3399ada6fe540ccf21fca6ab879d

SHA512
1b692f8fa89b873fdfe0d4fc5e69f3cce8976f70e265b1f289423f22560d7b8b82871016f40e29426230d732ce68a3ac0e3fed899d43c86ccc2a7e52d50b6851

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/databases/com.google.android.datatransport.events-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
9b031ff262159629ad6560c62c002d18

SHA1
b021b2438f94df5b6ad2d36526bb6bb91e35bb61

SHA256
0cb9f0af26783b22ddf3dec21fe028b87cbd4a49f166d71307387fb52fb6f499

SHA512
341a8b8fcc69a01986a6b5e3d4abe6faf9b3edaa10ef3e79e3f752d623d87af910094bcd3543aa8f9117a0ef3385e5f816312ba1be2d556133260711417b14e5

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/D

Filesize
421B

MD5
8d3cb0296815c8a112516466f3db21c0

SHA1
dca4404d7f8b02614bf73399ff4f13eec1963640

SHA256
281ed94566d2ee2cc7523308a126693394388e63d3a099b3970ab8a20cd40931

SHA512
12578ed2c25fa3510771f0fa7a4a4327e5615d775aaf6d6d4279644aa547657672f232c68db5e4d6b55facab2ea7f475d62bd1e1440b6f6d288449e74663caf2

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/ex

Filesize
228B

MD5
a93fe988f132da0e860e57d3c60be107

SHA1
690d2934acbfa4fe6b4ca7cb96f271597a14aaf2

SHA256
e10a2c7ec45d6d8e26f649804e1a67f5eca2049a7635fb15e8025a83b790464a

SHA512
83fff4636c5c36f76c0e97f195dec3356f831b4028049bd692f6140f499297bb33b2333b43f5d119e347496880617e99928948cb690c9ca19a7bfe8a2172ff85

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex

Filesize
2.8MB

MD5
2d2b05011c296e4d36cdadd9e21bb8c2

SHA1
d38e6e0be89b1d7817200281ae602bc5d702c6c8

SHA256
1d8c8c8f466c22b200e572194f34667a05eaef14c86624d7e35d7bd15e919357

SHA512
a8e3efbcb0056eceacd7f41f2310ee795d5827b4c06ecd7f8e56365f29cc21961e4d47e05053d1d49fa603ae00dcf13cf5ef99a30d092c5ca74b287670c8e8f2

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/files/fe768956.dex

Filesize
2.8MB

MD5
2d2b05011c296e4d36cdadd9e21bb8c2

SHA1
d38e6e0be89b1d7817200281ae602bc5d702c6c8

SHA256
1d8c8c8f466c22b200e572194f34667a05eaef14c86624d7e35d7bd15e919357

SHA512
a8e3efbcb0056eceacd7f41f2310ee795d5827b4c06ecd7f8e56365f29cc21961e4d47e05053d1d49fa603ae00dcf13cf5ef99a30d092c5ca74b287670c8e8f2

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDgxNzU2OTg2ODgxOmFuZHJvaWQ6MTM0NzAzNTkyMDliM2JmMTAzNWEwMA.xml

Filesize
519B

MD5
1e9ff8616dd2e5783ceb9aeed2efdfd2

SHA1
c1c7f9bd8c17833c8840c2931a6bdb6707fc016e

SHA256
7a227e9e61947b01c2b856c6ec5308e75575d9e87f5219273aac5a5384bd215b

SHA512
abebc1793f02177b5baea1c7fed84a7739111002570c29ff278528f69c87062b3c3af21939a8ea54e6d9a9b6e3eab358981525bb9eff76c67cb708f13e9a0d23

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDgxNzU2OTg2ODgxOmFuZHJvaWQ6MTM0NzAzNTkyMDliM2JmMTAzNWEwMA.xml

Filesize
178B

MD5
35c58c3e70fa6f6a199b8be0d46ff0fe

SHA1
bb02627f5470828de7eae6531b93a8834b4a09e9

SHA256
76cc76a9ad3083315a0466d82670f69e0e93b83a80ef3f9f6d44726c8faf50ac

SHA512
32708cc0895e04f2681af0646bdffd94d290d1eb22ed89f54736196b8b08c2b2472a269e93087c240c814a30b810f4ed36bc49ce77e129a3d248ffb901f97f56

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDgxNzU2OTg2ODgxOmFuZHJvaWQ6MTM0NzAzNTkyMDliM2JmMTAzNWEwMA.xml

Filesize
465B

MD5
5f07987492457883b3f3695caeb9c525

SHA1
e38cc201324935089ebd975b1dec81a264f853e7

SHA256
74f861cd8d89f9ff0b1a69524eb0aa469c70cb3fc37c82106edc91d22c79f382

SHA512
6eff0aeb4d7766b70554201ce9d26f703dce9f69fe5cb926b1615eb15e46bd43f32cbc01e824c08855cc9ddae7d7d60a643eb95fe03987ea1899abd788868e7c

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.footballgame.footballcup.nearme.gamecenter/shared_prefs/com.google.android.gms.appid.xml

Filesize
388B

MD5
07d8405ddeb6c730d6f9c9d606c8e15f

SHA1
fabebacc7ae5dffa76beebee764054f21a627d4c

SHA256
da9874063a5cd9f20106039e5d4a40d5086589cd350b1fcf593ee43eadb016df

SHA512
d5506fbfe0f27c6bd7a556bb6053a82e91afecf53ecf27261a9ace88c0df89dde4ae71d47f6c9c155c4d629d8d369890417a8dee35078865f288e012a1366c02

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads