Analysis

  • max time kernel
    2298571s
  • max time network
    129s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    19-12-2023 23:36

General

  • Target

    6d61844ed0f9935e83a914de327b5a6cd17564ae7b4fc0d53d16fb63abac482e.apk

  • Size

    1.9MB

  • MD5

    718ce79d25ca660540199e1bc0761d50

  • SHA1

    2136206845fd32f27a502f2cdb064387a7d51726

  • SHA256

    6d61844ed0f9935e83a914de327b5a6cd17564ae7b4fc0d53d16fb63abac482e

  • SHA512

    9832118918b90b5df8b18fa936189858da8e6e9906519461d673e1556be6f0f80b887c8563ec8600fde541947dd9cb4748a5267a4b4b4b9fe8c03954a64bde6d

  • SSDEEP

    49152:LXEZGNWyfqXqcZk3icS97xFKyB64P3UPxHnOLDEPoglMIvbTdpBvlg1:A0NWEq6cCScS78yB7cpHnO/u/lMIjTA1

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs

Processes

  • com.Pesarbad.p
    PID:4255
    • Acquires the wake lock
    • ping -c 2 -W 10 -v google.com
      PID:4302

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /data/data/com.Pesarbad.p/cache/~test.test

      Filesize

      4B

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-journal

      Filesize

      512B

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/com.Pesarbad.p/databases/google_app_measurement_local.db-wal

      Filesize

      36KB

    • /data/data/com.Pesarbad.p/files/PersistedInstallation1567388988483427076tmp

      Filesize

      90B

    • /data/data/com.Pesarbad.p/files/PersistedInstallation6060745091829365450tmp

      Filesize

      567B
