Overview

overview

10

Static

static

7

malware_JC.apk

android-9-x86

10

malware_JC.apk

android-10-x64

10

chartjs-pl...min.js

windows7-x64

1

chartjs-pl...min.js

windows10-2004-x64

1

hammerjs.js

windows7-x64

1

hammerjs.js

windows10-2004-x64

1

jquery-3.4.1.min.js

windows7-x64

1

jquery-3.4.1.min.js

windows10-2004-x64

1

library.swf

windows7-x64

3

library.swf

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

com/google....class

windows7-x64

3

com/google....class

windows10-2004-x64

3

template.js

windows7-x64

1

template.js

windows10-2004-x64

1

Analysis

  • max time kernel
    153s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02-09-2023 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    com/google/android/gms/measurement/internal/AppMeasurementDynamiteService.class

  • Size

    13KB

  • MD5

    459e9441dc9b49fbc1012883be4399ca

  • SHA1

    4354e2de79074366a5f843147616b3eaafb0fddf

  • SHA256

    3e694bbbb060c941548b636598c89e7bc9f65e2bb8940494232cae05d3ac909e

  • SHA512

    9c9794b7f82be0f20681c94c4eaa2501b4bc04dc9fe7c4af6b6a04569ab7fd6aa554997ad4d2e3791b24262134de377a7da0d4141b435d4148b6dc46788314cf

  • SSDEEP

    192:vkwIFlw+UOIL3CyYWuQTJ3txzfXLJZ5/nW:vkbO+gC3eJ3txzv9Z5O

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\com\google\android\gms\measurement\internal\AppMeasurementDynamiteService.class
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:868
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\com\google\android\gms\measurement\internal\AppMeasurementDynamiteService.class
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2636
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\com\google\android\gms\measurement\internal\AppMeasurementDynamiteService.class"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    492aae466a23d955e54bf1d7b7aef84f

    SHA1

    18dbdb384da2a83ad9ab0b12d4b41edd96b48bc6

    SHA256

    d23c9876e77c217c3aca59d74f6f23c208ccc137090671e4d74b9548b0481b69

    SHA512

    66a8a4edacd38585ef7ef49ecadfa8ff209484baf3f75678528085c42a59336d9035e3dc74c6bd99890689b5626d3de0b6ab477a81649204686a6623cb39995e

    Download Submit