8c2e3c0c7fd591f1377e9318fbcfbcae85db4875a2f405b99da46edf9b70eefc

Analysis

max time kernel
3624184s
max time network
136s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
22-01-2023 05:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com.skyclean.clearlite_211_apksos.com.apk
Size

3.9MB
MD5

017613c945f5b8f07ea88dce7629a1ff
SHA1

5da104368c047b40ba07aace5bf21f38ed10aec7
SHA256

8c2e3c0c7fd591f1377e9318fbcfbcae85db4875a2f405b99da46edf9b70eefc
SHA512

7708f0ed3bb2a8f09be525519ef30c6d47b406088fb1e2906852028b490777efce8cdf4765546c6f35870b544e6349f2d87254a55f8c100b5c665abdc823cbad
SSDEEP

98304:ZalsueP6Gt15eSye4RHIKWLdNA3u/l7JMTndWvfrBwJ:ysuXy1wq4RHInLM+/l7I2w

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 5 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.skyclean.clearlite/[email protected]	4784	com.skyclean.clearlite
/data/user/0/com.skyclean.clearlite/files/zzxqmsm	4784	com.skyclean.clearlite
/data/user/0/com.skyclean.clearlite/files/zzxqmsm	4784	com.skyclean.clearlite
/data/user/0/com.skyclean.clearlite/files/zzxqmsm	4784	com.skyclean.clearlite
/data/user/0/com.skyclean.clearlite/files/zzxqmsm	4784	com.skyclean.clearlite

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102
Reads information about phone network operator.

com.skyclean.clearlite
1⤵
- Loads dropped Dex/Jar
PID:4784

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.skyclean.clearlite/[email protected]

Filesize
13KB

MD5
665767f2c11ef8f609ed38bf23d5db97

SHA1
cf7ee39599a508e83a9dc49e55c48bc8c2846591

SHA256
dca2d34d6881cfa25c089d49e7f0e4b4fed7851e8443eae4ac3ddf9b4fa5107b

SHA512
4353f7c251a065fbd28ee71b1d0193b2cd2e8f57d2ef6e2bc6a1b7be65fb01f4415b14a8303970f183ee02635b97b0a3f26df22fa5ee58f722ec7895db907511

Download Submit
/data/user/0/com.skyclean.clearlite/app_webview/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.skyclean.clearlite/app_webview/GPUCache/index-dir/temp-index

Filesize
96B

MD5
29f2448688bd4fce9652ef8d4a1b0bad

SHA1
554c681779fbc1a845060b4ac9373162cf932bc3

SHA256
5a28243eff163d05a39dbf4145344859bf8bbe7541a88263d54a14c7cc2abe55

SHA512
b7b2ce90e468861515b935169263808ce7a7ef48e650843c384c00a5a4a1b8c00876da5af112c055522a19e1a4d12a88271c033515438f3503eb8e33495268f0

Download Submit
/data/user/0/com.skyclean.clearlite/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.skyclean.clearlite/app_webview/Web Data-journal

Filesize
1KB

MD5
2e9acd5cdef9aec71861af592b85dea6

SHA1
de202b7229373f87166efc7efb93f336854f7877

SHA256
31fd0fdd53e319d272ab318ce69d885bcce0124a344248a63a30b5c727e1130a

SHA512
17fd0c094666f6d656f100aa77fb9e34977e50e108ebe03074100d88cab8c6fcc880f5ec5d76901511ea6b43e38cdd88a03de447e34519d5026995d721adb6a8

Download Submit
/data/user/0/com.skyclean.clearlite/app_webview/metrics_guid

Filesize
36B

MD5
fddce8ddde7e0f075399bb73ff8f7ec6

SHA1
b60d8fb0485d4845060216609bb17b769e5cd09c

SHA256
47815a6a4f11e4b7466352664b6eb35936458cdfe65844f43e123c4f368fe02b

SHA512
517e0db26ef65f8a043de58293474f9e47ac004b23468dc7ba7bb1fe0d4c045f115a4d931d5104a49f3a546207e0877c983070c75146ba15a6087924c45b1b3a

Download Submit
/data/user/0/com.skyclean.clearlite/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
757556da5a9ff51b82847d24d6686aa8

SHA1
705befc9a8e3cf8b5e0dfcab51304a2e970d0c3f

SHA256
7ff6071f71a55b7892d9da1c3c7f2ffa7ca8ff3497358f738aa48196f2c2eb6e

SHA512
e6028338ee3b6e09cae7d19f3ecd6d620a34e43bf2f87ad5d268bed2259c536d008f5a5fb8d14b480ab1472325418b95accccf25f3c8a78f0a02aa058022de53

Download Submit
/data/user/0/com.skyclean.clearlite/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.skyclean.clearlite/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
32808bb107ab2f49527a7827bc2c5e73

SHA1
e1286e9e05a6c7b10991d9c9760882f1cc55568f

SHA256
00e4ba063fce4580db4b2bdccb94c1609bc9192c4153f2baf8ae9d88fc1077c7

SHA512
b89492ca3c47deb12690dff6da415078d76a0a0d20b07a8cd8344190534703326794a7f661b70418577e7ac8d05eac21dc5b4820b152d95877ee3421615798b6

Download Submit
/data/user/0/com.skyclean.clearlite/files/UnityAdsStorage-private-data.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/user/0/com.skyclean.clearlite/files/UnityAdsStorage-public-data.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/user/0/com.skyclean.clearlite/files/zzxqmsm

Filesize
26KB

MD5
3e314b1a29a1fa6ec13b1ff61e491df3

SHA1
b3aab4df657ca4bb2b44407fbc770433bb44affa

SHA256
5b8461ad3722b20598638abab3ec9f9c743b1feb0c848ed84ee7e1d34f28270f

SHA512
3e2d6f1997f3647aa5a6a400f97f1a08f8456b777d733efc9084de9a8dff9ba8f55dc9e4b3b4cf378da1ce2446dbca9efaa2e3d4c14eebf6e5da92751b2697d4

Download Submit
/data/user/0/com.skyclean.clearlite/files/zzxqmsm

Filesize
26KB

MD5
3e314b1a29a1fa6ec13b1ff61e491df3

SHA1
b3aab4df657ca4bb2b44407fbc770433bb44affa

SHA256
5b8461ad3722b20598638abab3ec9f9c743b1feb0c848ed84ee7e1d34f28270f

SHA512
3e2d6f1997f3647aa5a6a400f97f1a08f8456b777d733efc9084de9a8dff9ba8f55dc9e4b3b4cf378da1ce2446dbca9efaa2e3d4c14eebf6e5da92751b2697d4

Download Submit
/data/user/0/com.skyclean.clearlite/files/zzxqmsm

Filesize
26KB

MD5
3e314b1a29a1fa6ec13b1ff61e491df3

SHA1
b3aab4df657ca4bb2b44407fbc770433bb44affa

SHA256
5b8461ad3722b20598638abab3ec9f9c743b1feb0c848ed84ee7e1d34f28270f

SHA512
3e2d6f1997f3647aa5a6a400f97f1a08f8456b777d733efc9084de9a8dff9ba8f55dc9e4b3b4cf378da1ce2446dbca9efaa2e3d4c14eebf6e5da92751b2697d4

Download Submit
/data/user/0/com.skyclean.clearlite/files/zzxqmsm

Filesize
26KB

MD5
3e314b1a29a1fa6ec13b1ff61e491df3

SHA1
b3aab4df657ca4bb2b44407fbc770433bb44affa

SHA256
5b8461ad3722b20598638abab3ec9f9c743b1feb0c848ed84ee7e1d34f28270f

SHA512
3e2d6f1997f3647aa5a6a400f97f1a08f8456b777d733efc9084de9a8dff9ba8f55dc9e4b3b4cf378da1ce2446dbca9efaa2e3d4c14eebf6e5da92751b2697d4

Download Submit
/data/user/0/com.skyclean.clearlite/files/zzxqmsm

Filesize
26KB

MD5
3e314b1a29a1fa6ec13b1ff61e491df3

SHA1
b3aab4df657ca4bb2b44407fbc770433bb44affa

SHA256
5b8461ad3722b20598638abab3ec9f9c743b1feb0c848ed84ee7e1d34f28270f

SHA512
3e2d6f1997f3647aa5a6a400f97f1a08f8456b777d733efc9084de9a8dff9ba8f55dc9e4b3b4cf378da1ce2446dbca9efaa2e3d4c14eebf6e5da92751b2697d4

Download Submit
/data/user/0/com.skyclean.clearlite/oat/x86_64/[email protected]

Filesize
254B

MD5
5144c97308dd115a3a8065b9e717136b

SHA1
2fb8fd805339f95308c6cea6e7738391685c19f9

SHA256
ae3d1a73a8a931397176a997d09b8fcebe88f593b5adbe9d94a251a06cf62d37

SHA512
85f5d2b55180cb21468b82f9f865c35caf691841e9bedcb1e9ea334970b564f50205da5bab0a6b8f3866ccf813cadefe6345db6031cbd45223a2bd6365a6c490

Download Submit
/data/user/0/com.skyclean.clearlite/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/storage/emulated/0/Android/data/com.skyclean.clearlite/cache/UnityAdsCache/UnityAdsCache-ce34c2087c2fca509099ddac149d36e21a1f48b4ee06a95637ef8b15c5f7aa32.mp4

Filesize
6.9MB

MD5
76c0da31d3bb07a5854bf5826e6c5eb0

SHA1
58e449be681135dec86a99eef0f2008fe60721ad

SHA256
450c7dc90542186953a1a242524874c90d211121f804d02746d3eb44546721e8

SHA512
d36d0a8f11594629553c8ce79a9e70be8f4daaa69db03a44b3dd3761c5950b120fc0ff15909fcd08b6e58057569bbba6f81e598598ab16fb3f660a7fb7145cc2

Download Submit
/storage/emulated/0/Android/data/com.skyclean.clearlite/cache/UnityAdsCache/UnityAdsTest.txt

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/com.skyclean.clearlite/cache/UnityAdsCache/UnityAdsTest.txt

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/storage/emulated/0/Android/data/com.skyclean.clearlite/cache/UnityAdsCache/UnityAdsWebApp.html

Filesize
1.8MB

MD5
6e932cff883464988485f22f1b7280de

SHA1
392b18b6b6172edbb1ae57456054a34479947e1c

SHA256
a1508dd6363c9eda0757890b6f6d800a01a9520354074da1eb15b5142ecbe354

SHA512
9de1d67b4c66ce102139e0d8b1b1e110426ec590e9e62e20b56de46adafe70474df2e062381a4b0185800b0208306678c6282237935885d5a5414d9021e36b43

Download Submit