7034b5f1670e96c49c6a46db0fe2909728da60adf308cca2200194329a64ed15

Analysis

max time kernel
2268754s
max time network
159s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
19/12/2023, 23:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7034b5f1670e96c49c6a46db0fe2909728da60adf308cca2200194329a64ed15.apk
Size

19.2MB
MD5

786b9cd3c39ef4b09c5a4132bb281c56
SHA1

a3b5d2030567029a021eb2efc2c10861596e222d
SHA256

7034b5f1670e96c49c6a46db0fe2909728da60adf308cca2200194329a64ed15
SHA512

2b248ac2fccd4550d8a6b68adee7bf6abd8b6e5895302afc5a6e783bc7959376104db48e13f40018ea6459a61225fa908a0fef3f73a0f7b39dbab8859f101987
SSDEEP

393216:5XHxwz/5jZb/tFNt6VgNNJ4XCIFduzElF/RkhLJbG4PVJIlmdXxP:dHC5tL4H95u8KV2mdx

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	cc.petnet.LovePets

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	cc.petnet.LovePets
Framework service call	android.os.IPowerManager.acquireWakeLock	cc.petnet.LovePets:pushservice

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cc.petnet.LovePets

cc.petnet.LovePets
1⤵
- Requests cell location
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4251
- /system/bin/sh -c getprop ro.board.platform
  2⤵
  PID:4281
- getprop ro.board.platform
  2⤵
  PID:4281
- /system/bin/sh -c getprop ro.genymotion.version
  2⤵
  PID:4437
- getprop ro.genymotion.version
  2⤵
  PID:4437
- /system/bin/sh -c getprop androVM.vbox_dpi
  2⤵
  PID:4475
- getprop androVM.vbox_dpi
  2⤵
  PID:4475
- /system/bin/sh -c getprop qemu.sf.fake_camera
  2⤵
  PID:4504
- getprop qemu.sf.fake_camera
  2⤵
  PID:4504
- /system/bin/sh -c getprop ro.secure
  2⤵
  PID:4535
- getprop ro.secure
  2⤵
  PID:4535
- /system/bin/sh -c getprop ro.debuggable
  2⤵
  PID:4560
- getprop ro.debuggable
  2⤵
  PID:4560
- /system/bin/sh -c getprop gsm.sim.state
  2⤵
  PID:4585
- getprop gsm.sim.state
  2⤵
  PID:4585
- /system/bin/sh -c getprop gsm.sim.state2
  2⤵
  PID:4610
- getprop gsm.sim.state2
  2⤵
  PID:4610

cc.petnet.LovePets:ipc
1⤵
PID:4302

io.rong.push
1⤵
PID:4331

cc.petnet.LovePets:pushservice
1⤵
- Acquires the wake lock
PID:4367

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cc.petnet.LovePets/databases/bugly_db_

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cc.petnet.LovePets/databases/bugly_db_-journal

Filesize
512B

MD5
8eef7cdc5ede964ad9c91901615f6132

SHA1
bec12dbc7511cea178d25cc81dbb2fc295f65ac2

SHA256
8e8be4e8e2644a7dede8d75d6ea9eef50c26f1403fdc235192cafc7c74d8d5ce

SHA512
3eeecff6f16dde3658c0a644f7894d38625bdbed475d70258fd9e5b49e179a683e8c48620525c68527e826ed2ab4effa822275bfcde5fe0e8f6bf1edf43cab7f

Download Submit
/data/data/cc.petnet.LovePets/databases/bugly_db_-wal

Filesize
16KB

MD5
445244315379c0707c0048623b719f19

SHA1
0109ca1830e9d21fa0777b899dddf6f67f53a705

SHA256
2b75397ce52ed3e6efa5745257fb78eae4fb22e5fed67f02eb26ce678522b8d7

SHA512
f18ac4e9748bd6a8d7b6953483232e3739b7465c4ec19ebaade386ee0e5a377f8bdc24dee8a1e240aa7541de2f96249d3ebb82c0077642f0a5b7085748bfeb11

Download Submit
/data/data/cc.petnet.LovePets/databases/pushsdk.db-journal

Filesize
96KB

MD5
708c81eacc64004509b90af330bd60fc

SHA1
a75b1b5b45e225289100d42aebb59ce86b8a1d1b

SHA256
85a3f3fe7e0e16c0ad053238dae9a6c72536785da9a4a6cbbdfdbf4cb524260a

SHA512
5718b1d3dc5a8ca2135b7289d567ee0faf0592ebed7ce00d8225b03b27677541a8ef18b2555dcf88c87cdd6425de999e9f96c325c8bc23e96414f21e8f1f493e

Download Submit
/data/data/cc.petnet.LovePets/databases/pushsdk.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/cc.petnet.LovePets/databases/pushsdk.db-wal

Filesize
60KB

MD5
d4cdae3b13d485cee94bf5be319b901b

SHA1
32db1df680457a3227592516212fa02b09e084f4

SHA256
26d114afdae1d31461fceed6b6c56cb458c9ea85ac2d95c42064b949929c9c85

SHA512
dcd5458b3b70fe6772a4811fdea5a239aef9d67eea15387853757f9d66686f38d787bbf75fc4a03fe207a9653eedf3fe077a541ff5122208aa9cd79c162d2fce

Download Submit
/data/data/cc.petnet.LovePets/files/init_c.pid

Filesize
4KB

MD5
8395292032def8ae0f35168c73b75dcf

SHA1
0128528aa536c2d015f1779d4836ead9373a79a2

SHA256
a5d7035a718f7b62337f60d8013f40f56baca4869408239cd30a7d7d1568f737

SHA512
985e1560d97889602f8a0ed20125f5626da2fa94214429869cf32e97a70bffb3dcc8adf62e1b6049f4c2528ea486d2f8fbe9013a41b20a10935105f43cacb149

Download Submit
/data/data/cc.petnet.LovePets/files/libcuid.so

Filesize
129B

MD5
3607b268ac74e85fc7ef4e24863d2779

SHA1
d481a083d1d0c1e57e9ed75944c3c90e93d305f7

SHA256
da341e3ca33c04e7f5b06f883490ee312412a7ebb20d6854c9078b35d8f9f791

SHA512
bce4be3b06471d9c28f15ee0ec984dcc4bbe2b59a1cc784ad36db9eb148a4a86ff7ea25fdaf361e93be22d363876a6c563ced7bdfbc477028d4a9db5d4665053

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid

Filesize
89B

MD5
1031566614e63d78ba69dcbc1667b1a1

SHA1
58d55fae0e2aaf2fde4a4e29c6725e6103311c2c

SHA256
4756715370a5910bba328604a4ca1c91fba9ccc5b3308f917067a889b89d9791

SHA512
775ee8fff042e3f7a20b160d9a7a174a1522a6614efab2d71a90fefe61d76d446123e73b5cab181bfc076a2c48529caa56165f83e899bd836f141fa712f5156f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads