be0ae4394b8592cd1325b86669fa78f9ccd320d23f839e81001138be914a760f

Analysis

max time kernel
1564740s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20231211-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231211-enlocale:en-usos:android-11-x64system
submitted
12/12/2023, 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

be0ae4394b8592cd1325b86669fa78f9ccd320d23f839e81001138be914a760f.apk
Size

248KB
MD5

54ae16a13dd825ef0589cd5e78a6f356
SHA1

f16e355715924d9e37b6134433e312899f4501cf
SHA256

be0ae4394b8592cd1325b86669fa78f9ccd320d23f839e81001138be914a760f
SHA512

04066aa21ae6ac5786ec016a428c207aaf062d96d99a8ba20127b08333ed3bfc82df8e1052aebe75d2621aa7fd95ef33b334d9936e45a4825685edd8d2f12302
SSDEEP

6144:J7iq53RZ3wVazR4GXzwupzH6fDLkXWnXXuqdiMrz:NiqlR6Va6GDT2PkXWnngMrz

Score

8^/10

stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 IoCs

stealth trojan

pid	Process
4484	com.photo.android.p

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.photo.android.p

Tries to add a device administrator. 1 IoCs

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.photo.android.p

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.photo.android.p

com.photo.android.p
1⤵
- Removes its main activity from the application launcher
- Requests cell location
- Tries to add a device administrator.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.photo.android.p/databases/dynamicamapfile.db

Filesize
20KB

MD5
4fa65216d7c7a0d708f0fc39947bc574

SHA1
df4d662c7336532c40ab966647bdfb2b74d8a0f0

SHA256
90efb1b89a9732f3da0cbfc20437ceb7a03e6607cbdb3eed1ddb8521e28c50c0

SHA512
9f38d1fb651f61a8b7c95460c0a6a55b7e0d60523c680f7f11d1fd8887078d6694ae5d68c2cd1207a86b8e7e8aeedf8117a6cea47d1fc38719be522be062063c

Download Submit
/data/user/0/com.photo.android.p/databases/dynamicamapfile.db-journal

Filesize
512B

MD5
af52e6848d9cbb7ca00f472ab7cb107e

SHA1
b9612c9f77ac61a800d94e7ef02595e609145054

SHA256
4976ec712221451836b07b0309accb7914d62140b87cba929129b8239948fcd0

SHA512
8bcaf5297f103e9def250bd2965651417e85be848d900c7bb73049c5a6959cb828861c3471ee31d0c67d164b85cc037073d38bc37ab21f0b569dc44bea061be6

Download Submit
/data/user/0/com.photo.android.p/databases/dynamicamapfile.db-journal

Filesize
8KB

MD5
bbef3795afecf4cd30fd0d1d43cefbbd

SHA1
609d54d8d814a427c6f8adf1540815aa374a3fb3

SHA256
fd2214358a09b4ce7c8b936c958ecfaaaa80c16cd737e389267076cc9e7f350a

SHA512
4f803c3b830d4af71b0e6d9181c433ffe1e952ea241cccbbc86f49404ac377376dce817bb21fe25d3eaf2477e886a3d285656032b299154ada62e5eb2cf7aa47

Download Submit
/data/user/0/com.photo.android.p/databases/dynamicamapfile.db-journal

Filesize
8KB

MD5
b806eb4cd569702c827cad0678c288ae

SHA1
af052ac6b5b5b2d5ce8a076bd776fc6a218d4f8b

SHA256
9ca1c93c9c372fc856781fe306283a7e6d8e69ee88d4fd98a58111365db826b5

SHA512
316a4a958572ad03864cb58f59fa7461848c59a6104af36b759529ead0e71c4fb11962fdeea83e40aaf5503598e2400aab9c58c0d88ec6002f5c925f38b15b06

Download Submit
/data/user/0/com.photo.android.p/databases/hmdb

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.photo.android.p/databases/hmdb-journal

Filesize
512B

MD5
526aa4281314dcc4cce8aca373af0556

SHA1
33dae97ebf4a023af087cae50f683a1d9e079a8b

SHA256
18ef2aa8b2776195573534edef8a6b654071f5b03fc09c3f1d3475c4bbdfb87c

SHA512
4b39cf9b28022ba9bf305ee87cf4ed402523c6168f2d3b4204881d639d7676957eb8ea2a07cbc0da11386a571a55108f9f534ee9fd044873966c7af1a087e059

Download Submit
/data/user/0/com.photo.android.p/databases/hmdb-journal

Filesize
8KB

MD5
000503817c43ca720451a614cfda57e6

SHA1
a899d1853d137729e66b1160c5c391427d06cdda

SHA256
f7ebbcbbc68a9a342b26b1125f4a51835439449ea991f91ac2c9ddce029ba1f3

SHA512
02133d706782e7f760c6bf2607f0449fa888265c01b838aa3d6d2fab3dc5db46944fe6d426548edbbb53cb7bdbe25a42f80ef54aec6e80dfcf36f0b9fe54b96d

Download Submit