Overview

overview

10

Static

static

10

dabapkapka...ka.apk

android-9-x86

1

LenovoSafeBox455.apk

android-9-x86

1

LenovoSafeBox455.apk

android-10-x64

1

LenovoSafeBox455.apk

android-11-x64

1

busybox

debian-9-armhf

1

toolbox

ubuntu-18.04-amd64

LenovoSafe...15.apk

android-9-x86

1

LenovoSafe...15.apk

android-10-x64

1

LenovoSafe...15.apk

android-11-x64

1

aresEX.dat

debian-9-armhf

1

athena

debian-9-armhf

athena_v2.dat

debian-9-armhf

c

debian-9-armhf

3

c_x86

ubuntu-18.04-amd64

1

competing_su

debian-9-armhf

3

competing_x86

ubuntu-18.04-amd64

3

cputest

ubuntu-18.04-amd64

firewall.dat

debian-9-armhf

godEX.dat

debian-9-armhf

injectso_arm

debian-9-armhf

injectso_x86

ubuntu-18.04-amd64

iptables

debian-9-armhf

libphonehook_armv6.so

debian-9-armhf

1

libphonehook_armv7.so

debian-9-armhf

1

libphonehook_x86.so

ubuntu-18.04-amd64

1

libsystemh...mv6.so

debian-9-armhf

1

libsystemh...mv7.so

debian-9-armhf

1

libsystemhook_x86.so

ubuntu-18.04-amd64

1

nb.apk

android-9-x86

nb.apk

android-10-x64

nb.apk

android-11-x64

Analysis

  • max time kernel
    2s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    10/07/2023, 18:26

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Payload did not run: Failed to set clock: Failed to set time: Automatic time synchronization is enabled elf interpreter /system/bin/linker not found
Report Analysis Logs

General

  • Target

    firewall.dat

  • Size

    24KB

  • MD5

    3d50d9da6ba85d301c41ca359c610cf9

  • SHA1

    f5ae10c2ccdf13fc0d966b575eb65eb7ad65a7b1

  • SHA256

    123a5defb63cbe34b6cb817d4ed010079c34af20ec9952879f65a9d6078d51d5

  • SHA512

    04ac3fb26a123ae8ae97435f514248ce19aa23185d0f75516fecd2f4c121ca81ce97a1cb64936e88bd38b09d304cf0c08a4764e73adb7c042596d19633830041

  • SSDEEP

    384:tgiX0N4GLjqj+uODtsTxuRJE2Bdf1HEKueLzs7lhcFkpKKwtcfD:WisXs1mNuKyDcGstO

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/firewall.dat
    /tmp/firewall.dat
    1⤵
      PID:351

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads