5b4e17f5ba5f07774b88068ff26e7aaea76649044f9613d98ffb880c5695507d

Analysis

max time kernel
1813051s
max time network
44s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
30-05-2023 09:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

006d1b792f0253711fc1ceef51726321.apk
Size

15.1MB
MD5

006d1b792f0253711fc1ceef51726321
SHA1

451ddd7440c879f89a71643dcdcbccabb1c3b636
SHA256

5b4e17f5ba5f07774b88068ff26e7aaea76649044f9613d98ffb880c5695507d
SHA512

4ce825072f8ada74bd36474e05a9f32af7ef9d1baac5646e56d5fc2a981e9e314e4b7bfd0bd1b8bff7fa67e97113f84a349b11b63997862130e2e4a1f48b1d24
SSDEEP

393216:j0Q6p+KhQTxwjmI4psbrS8ne9bvj8dPuqxEK:P10opunavSiK

Score

7^/10

Malware Config

Signatures

Checks known Qemu pipes. 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

ioc	Process
/dev/socket/qemud	com.tool.downldmngr.downloadmanagerm
/dev/qemu_pipe	com.tool.downldmngr.downloadmanagerm

Reads information about phone network operator.

com.tool.downldmngr.downloadmanagerm
1⤵
- Checks known Qemu pipes.
PID:5056
- cat /proc/uptime
  2⤵
  PID:5160
- getprop
  2⤵
  PID:5203
- ip addr show
  2⤵
  PID:5234
- ls /sys/class/net/
  2⤵
  PID:5255
- cat /sys/class/net//address
  2⤵
  PID:5280
- ls -la /default.prop
  2⤵
  PID:5305
- ls -la /system/build.prop
  2⤵
  PID:5341
- ls -la /system/default.prop
  2⤵
  PID:5360
- ls -la /vendor/build.prop
  2⤵
  PID:5378
- ls -la /data/local.prop
  2⤵
  PID:5396
- ls -la /factory/factory.prop
  2⤵
  PID:5437
- cat /proc/cpuinfo
  2⤵
  PID:5459
- cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:5477
- ip route show
  2⤵
  PID:5495
- ls /sys/class/power_supply/battery/
  2⤵
  PID:5513
- cat /sys/class/power_supply/battery/
  2⤵
  PID:5531
- ls /sys/class/power_supply/battery/
  2⤵
  PID:5553
- cat /sys/class/power_supply/battery/
  2⤵
  PID:5571
- ps
  2⤵
  PID:5590

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/androidx.work.workdb

Filesize
8KB

MD5
b6ca8b30661a7844ed292db75a29a953

SHA1
8e0d397ab1f2ced1f143829084c3f53333743bdd

SHA256
63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

SHA512
d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/androidx.work.workdb-journal

Filesize
1KB

MD5
d61e8885fd83d07287b491d25cf8ffe6

SHA1
d690b1e4a4b15b3a957e54f0bd69596776d51fea

SHA256
a91fbc792be7928486e5604865c7083174a80e2fc55e6fb47a36ffe8c47c5d3b

SHA512
020821deb90731eb7a195992e0ccc6971e10345c7620d0da7ba20737d462c741988527176ad6d206b90fe5905d5e1e3dd6d66d9e413f0a42576428505c2f75c7

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/androidx.work.workdb-wal

Filesize
177KB

MD5
413cfd5d703159ec3ecd63fcb8e0800d

SHA1
4437db9a399f4653bb1ebbbfac9a57a95e436f65

SHA256
510a9c750154ff518183a2160da4088cbb8bcc6b1c082a52b52d032ed31ed04f

SHA512
c5738dcd551cccc684ee8fb4047a8436b2e8875060a330677ed293af55c1f9da1e4548c43533017466d242c2631eaf15d3b0faf82b324612f503bae74c52cc83

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/crash_reports

Filesize
80KB

MD5
969d3d1a640e584d819b74834d7fae3f

SHA1
26bfa458230a245fb02d6f0c9759f12531cbc007

SHA256
cf53bd9fa07c209e9322f1ac061ffba02a47e246a25d073141c5018f12411e4d

SHA512
6f0f1f912dc1a25eb32c0e7d5e827ff887f25e619a009c438f9559d3b58ba73bb242ca297b2c4c05f8563209ddb6f5a0d75f9a65a8ffb075aecfdc5ae3b4773d

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/databases/crash_reports-journal

Filesize
1KB

MD5
f791b1b61d6e8dbd64b2ae63487a49ac

SHA1
dcbad24f7a34d5f8858500253d5cce2e41673ae4

SHA256
78cd26f2b6a418e535feaf3e54836afbd917f5e554e6302be8ab0c59f0429a48

SHA512
2e54c892c9df3c685ae289b1793d8d54cdf4d048710800ae8f4913f88d0f3668a5e17a2dba0b934fab777de1536da29e19356308317ddd8b71a96365909349c1

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/shared_prefs/com.google.android.gms.measurement.prefs.xml

Filesize
122B

MD5
250b4caeba60ddf53228405750ba66ca

SHA1
422ab714feb34e9f3b4f1cbe669887bcd581ddb1

SHA256
2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

SHA512
373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/shared_prefs/com.google.android.gms.measurement.prefs.xml

Filesize
354B

MD5
178445acacae5c5cb6dbda03e2010638

SHA1
487afa94324a0e25e3aa73a4cadc6a277c2141ab

SHA256
5a883fe2fea01dc977e9e06ceafc41174291d5c412ed352e0e38aaad99ef8c06

SHA512
98b8235cff6bba08636146f27ac0f704934e0c8acd9a24041daa16f3095e8817b4b0f43d326ea0f27c1caa8eb25457b95afc6117e773da2fab242ffd568753a2

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/shared_prefs/com.tool.downldmngr.downloadmanagerm_preferences.xml

Filesize
258B

MD5
a1388cd7877bdfca61f82363966fbe56

SHA1
40efcfd62201bae4d5da3be14891a1b8bf3d50d7

SHA256
9950e39a8299f991737e5d65ab1a27ae7e320560288df7bf672f60d8561de317

SHA512
25b66bb761e50ce862b010169b00f039574d1aaa290b430531a9c09e49cb56502884f59a74602190867acb1026170b77febee483f88b04d0088dab7fa547f513

Download Submit
/data/user/0/com.tool.downldmngr.downloadmanagerm/shared_prefs/com.tool.downldmngr.downloadmanagerm_preferences.xml

Filesize
118B

MD5
973e726ee2c5e3f881c9fced6e57dfc3

SHA1
6fe0ad61f468ba8879a36cf51e9cc5376966fa5c

SHA256
15afac09e8294075c3c3ec184e88d3d43d20a1e7d2ab7e01986955748c3475a1

SHA512
4e6d1e770e327ab976e1a2021afed9535a4edc1b1ff023bd1eeefcda8be57f9d24825cc22bfc1a6e9a6671c55cb440a6c9fa1f870f282d5dac51457e3a4c530d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads