Analysis

  • max time kernel
    2277608s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    20-12-2023 00:41

General

  • Target

    75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f.apk

  • Size

    3.3MB

  • MD5

    8971f70b6ddcad8077f0832e4e96a249

  • SHA1

    9c03b3d74df86166e747bc85f3ac9651886e0175

  • SHA256

    75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f

  • SHA512

    7db1fc5e9d2e5433759ec5819ce95425685ba1874dd799279fa3b851e823c98520a41b63cab3162181fa6abc20789fca499103f601445941875b374dd83ee2b1

  • SSDEEP

    98304:ZEVF6aL7fDW3v0AMYfccAteMOQ/97o1einVQL1wviIu:Z46x3vKcAti+QeinIpIu

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoC)
  • Reads information about phone network operator.

Processes

  • ir.shz.shzkisi
    • Acquires the wake lock
    PID:4975

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/ir.shz.shzkisi/cache/~test.test

    Filesize

    4B


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    512B


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    4KB


  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB


  • /data/data/ir.shz.shzkisi/files/PersistedInstallation3306879989641982615tmp

    Filesize

    569B


  • /data/data/ir.shz.shzkisi/files/PersistedInstallation7624124795995251886tmp

    Filesize

    90B
