72f3547d6ebdce78347b4e28a9b9a547d5edcf1cce2f3e1aa0f70b66c6b79d83

Analysis

max time kernel
2332110s
max time network
136s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 00:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

72f3547d6ebdce78347b4e28a9b9a547d5edcf1cce2f3e1aa0f70b66c6b79d83.apk
Size

2.2MB
MD5

3c6c007e1e25192a23c2d790a37c307c
SHA1

b1b6845460586ff3a48b6ffb46a8208b8ff87828
SHA256

72f3547d6ebdce78347b4e28a9b9a547d5edcf1cce2f3e1aa0f70b66c6b79d83
SHA512

a8f55157f6cbaeafe4431487a38d600e59c04b43c70ab93089ce861807d4a9346c9956eeb7d4b43df3c02efe58703c725ee55b03e328969a4d46d27b3d5c22a4
SSDEEP

49152:453GNnayBBuCwML2CsZDggdgr08PvfRgP8WvkZ3Knh:45snRuCwPbmRPvGPXvkZ3Kh

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar	4340	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar --output-vdex-fd=87 --oat-fd=88 --oat-location=/data/user/0/com.erenalp54.screencleaner/cache/oat/x86/ads7904591198467793150.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar	4236	com.erenalp54.screencleaner

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.erenalp54.screencleaner

com.erenalp54.screencleaner
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4236
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar --output-vdex-fd=87 --oat-fd=88 --oat-location=/data/user/0/com.erenalp54.screencleaner/cache/oat/x86/ads7904591198467793150.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar

Filesize
2KB

MD5
d80f6d032778b02d10a9c9a2f1a24714

SHA1
e34d4ea9618b1b499b65032723ea029ab3998500

SHA256
ee2de01a238f9e1834f9f9934dd1f5b267bdf9747965641d2fd636d740041f9b

SHA512
34fa52d41831142f86999ac407aafeb2b69bb4cd45ada9f739be84c80deb0414d11d6784f385eec287e4f6b5bdf29ba1c9a6a77c07707d66a73c60eb389136e1

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext

Filesize
28KB

MD5
d8637408e8f39960bcde8644a4e9ac6d

SHA1
e9aeada08c3ca6efc8e26f44f965d86776ecb922

SHA256
8c50b2f72921d146c035602cb8653931ab4c56cc0d681d6a671487db5fa58eec

SHA512
fee11d32f9044b710035be17960de5b4533a0052377ef0caf211bc7e1a6d4e290d1a830e87435756cb6369ed64b097806dc623549644092e84fb4677f8a55bb2

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext

Filesize
28KB

MD5
0704f62b95b2f55413dc2f3ccecff43e

SHA1
de158e1e8ce92889141c2adf36abdcafe62e71b1

SHA256
5e3969da34088b6aae82bb36dfa4bdd0df02d4c5f9361408177fa80dd3e0cfde

SHA512
f4a2468cdc4f31247c8a1ebeffc39ba05d3d832dcb008e3f1fb5c485815e3491423330300be690f74111e27131cb9622830462328e07974c8cce781603941e95

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext

Filesize
28KB

MD5
c3db527cd1f616aa2994f315a11ed7d8

SHA1
4b346b3ea6396301119e9441469feb1a8112323a

SHA256
cead145121adf043450199025d9c1abe5fd5a4199fc9c228ec7082d644609c4b

SHA512
d703abf4bccc60dcd3063ffadbc7f8b606084b885b3f23769469e6c9921c5e4251226a4d6acfad7f1ca67ca6289ad9da51355c219d460bbf3cd1cac932b3d1cc

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext-journal

Filesize
512B

MD5
089b92ee7d21fbebf9527bf5edd052c5

SHA1
09dffd0b49caf84aa5c2579e4e9c45677e29b0e3

SHA256
ba18f9ee7012aed2d891f245665924f0a7709acdd97265b61dd2c705cebe1b2d

SHA512
84159c90a4d4ab890b9b2dd68dbfadb892ba94ab30a766883b3a9cba080dcef2d7154b5602d2d14e23571038e0df97e6105160fd868b8dabf438860af828cdb1

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext-wal

Filesize
40KB

MD5
80008e9fc493a86df5355af18b4257fe

SHA1
e3631282ca869dbeadd01a79f8d51ab70283cdc9

SHA256
6e256fdcc8035c12ffc56273acd36c4885f2e0c01d1d0aff5adb3af7f3a098f2

SHA512
6c9c4c0ba1e8331ade0fa7f7d9153c2f5e349689bf861aef5b2fbbbfcfdf3d1049d7b17b43139602ec867d466b51771fdbaae32733d0456cd0966a1973b3dff0

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext-wal

Filesize
12KB

MD5
405bc8762c0da3c9e0cb0f69bf32773f

SHA1
969abd926fb80cf07a9cae408f35c8d1ce7d86b4

SHA256
c8d7647da5e8636c3996aaccf28a894cab1a4a33e0e7fa7c5dd522454815bd46

SHA512
a569a927209d91aab7bb42964501c5e1311d8de6022d46976c73415dca26c9ea71a1b7677a80de444ab7932808501fb707c24a077bb9726b533861c68b884548

Download Submit
/data/data/com.erenalp54.screencleaner/databases/tapcontext-wal

Filesize
8KB

MD5
f066e2cb3e133ec4d8dab24726cf3f15

SHA1
3376893cbdeb433a793c827e897d257d0ad99a4d

SHA256
ad23c2c404f9409367490174e65397d283370e2e031b579f5d6fa4564509a4ab

SHA512
35fae580a1837be28e648aa58444e75d8e9c97ef448dd552934587d4a7e5a88cccc649274f592f52ff0215193564d12340d05e5ec10b8ce1263d1381cb6c4f0f

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall.zip

Filesize
155KB

MD5
15ff9d47bca2c6a43c58de54a8584a47

SHA1
c15085113dc4713f79c9ddb86a9f8a3b1413681c

SHA256
3fbbb2fc914803073ab81533e9dd128a38d7abc461f8a17c70962f59d836e226

SHA512
79b2f389f7805c23ec25f59f564c412724de3737652350dbc7caa47d7be3382db7268578f286e2f260f038007a4aff7e4ac91a08a56202a091293a72c5769366

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/css/main.css

Filesize
8KB

MD5
1a5f7a80b92cee57c24e38a4b586ad62

SHA1
de37c97d10d9345c7c8a5282d94becb140540889

SHA256
c8f450b916778e9caa8f85369ae960c316716699cc06f51528bfd7428c5e7352

SHA512
f3fbd0053cdd4b64cb304caeb91ddd5d00f473a0e41b74777072d44fea139124402c6bfb472d5526f207ac2a68afdaab73c0524b2801cbd38842dd42c4d18278

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/fonts/Roboto-Bold-webfont.ttf

Filesize
25KB

MD5
5d1aba20e25af8bca71b420c7de37d46

SHA1
540882ca0ecc4862d9d82b85c417498eb5b51fc6

SHA256
ecb3a1671a94b9671d1336fd46d00f9dd279cf83084cdad5d1aed2d35f233522

SHA512
aa15a6c4356268f9f134ffba218c138a76ef6e8dd2db1f9a39400c51fec100390ac45fbd84056819aa8c44b2eb3d16881e0981e2bb44902e30802ec8a51b9918

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/fonts/Roboto-Regular-webfont.ttf

Filesize
25KB

MD5
4e03528f1f48da3726edb5ada9fe4636

SHA1
b818e0acfc74ecf7701940240b6c31a2319af217

SHA256
b12cc7b6bc437f7dd5408f65538df2e068890da80d37771031bc6a63f4dfd734

SHA512
3680400b45a02a719ec526391c22c8a66fb1e9b0c8d15ebee78bc9475ae8a1ee7be89a853f9d5a11e741d5297efe5b9b6ceaaff39413515588f306b36971fdb3

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/downloadbutton.png

Filesize
9KB

MD5
407ffdfcc533caffe20ae7bde64d470f

SHA1
94691c69e3688a0afe991461f1b9bb06b8a63407

SHA256
5f05f515a59fa67ed46576fec844fb0bf052798ef185237b254048449526b74e

SHA512
b73242ba58f19c45d9f3e0d4f669670f3028e8e722eb074cb1f3415e1920bd1e0d49123c646c02cd14d2fa708f6c06e37e015e94c4c350a1a671bad3c0799eb3

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/fruiteninja.png

Filesize
23KB

MD5
124f9955436bdb9ec6c2ae5fb155b630

SHA1
b8b24b70eb024d8451fad9acff8343eb973a8bfa

SHA256
b0156487c63223edc2314a1899f4609fdf699150070c38c3c7fd5037744d399a

SHA512
b0a73e52848ba9598080c93f14b1d702ce1fc28bff374cad4b2bbf95e636867da0efb274ae69bb81e2510b4fd3c3f327af607da9e7f282130a90377db30ba422

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/headerbg.jpg

Filesize
3KB

MD5
328ac1a461f85f8f4669930544ca24cf

SHA1
5712ee563972e3b9ad02cc01bc16fe3d76bbed33

SHA256
350f7fc30ace8a6e09b448da4d418cf70d6a907d755f51e89e759fc02fba7d3f

SHA512
a36b800352fa148e84c82c661343b8965d7b5891314029ae5cbd3cdc4e7f327df26084f09c81a27b4f754c5747b8683c5d7adf122497647a6bf72f84f5e43f15

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/logo.png

Filesize
8KB

MD5
7f5bb650b8c535f2150080aef5d4360d

SHA1
8941de259ea709db0c10716269a802d5b29a3b77

SHA256
4b5f5157f6242f771751f0a657edf29b0ca97d5b80fe28ea8832cb14340e0413

SHA512
4149480c49e009a360d2f3251d3b78828e25a17346dd1b9b32d9f727d7b6aa365b2425dc375ed9eb2b079930bca0060d77bd8149de1da3db907e0e9bef2245df

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/powered.png

Filesize
3KB

MD5
5b00e825e6935d570fe69ab1ecb3a302

SHA1
d2c149612a07e5843471e0fb2d35e22e0174ef33

SHA256
971d89d9395b39805ed7f93efd6fd4dca829e8d83101469ae9a583639098c171

SHA512
bd2313bd3bc424e03409efe93b70179a473fef1aed29264d7a92f03d35dcb12222ee92d44f77e7e55b46a87c566f631b505cbce167b193644fb2086640f1e649

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/stars.png

Filesize
4KB

MD5
d845939a9fa291f47967ddea2c445d0c

SHA1
457ec0ea2fbd175978168c1baa665a852b1e548c

SHA256
e0054877849410017bc8dbe6876b7d52c1b30b586e9dc1670793f49d7195c8a6

SHA512
81cfad467b2b7e9f5bdbe496ad417d0eeae666ce1a69c124fd8b38818939db7c20c33f1e6f7a6b0b07e24278e33f4d18d75f246a429608afd79edaceb6441517

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/superfast.png

Filesize
12KB

MD5
636ddd62ae3c6c2112bb9399d0687a2b

SHA1
40af7218e081459b98234abde1e319f4b0491416

SHA256
84d9d9a214c3ae88e0b572a599baaa169a7a81144943d70d3a05e5ce6887e098

SHA512
d2a65ef3b66585548208de4dee1348b0eaa598384541581927193a5338a8e21a681048384f77de8a2499856c329596ca6f20f463058a686bb23f534685f7bfad

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/talkingginger.png

Filesize
22KB

MD5
1f5d1af203903f37a7edb3d1e12a4f27

SHA1
12c5bbf79791aa547faea7741cd3cc7c2fe84ae8

SHA256
ce663ea588ccb9e04688b34df5564afaf7804d51ff659fb7eb82628898682d48

SHA512
1b483b6db65c934110289635c5ee084421b742a63bf02d297dc129c6c89b2dfd3387e6479c26e06ff93b8eb71862fbd916df57bcbaf75f63466693a7dcee0ff3

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/img/twitter.png

Filesize
4KB

MD5
f7910379d8e262bbf618c8d0f0589412

SHA1
a9807369073f64122c875be12cc2a21a0b7e3f07

SHA256
dc3bf1d445278e7c2226e3cc02fcc61691eaa9a5bd5b9208edaa7acd8c7b2a77

SHA512
01248e5a1b3961c4cb905b69daa52e3577c88ef8608742941b8840a57b2c680d08b66d5f1e7abfddb813ac23869f3a17fe7d722079ea1791490151f5c6beb8e8

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/index.html

Filesize
1KB

MD5
7653713e9115bd5640d8c18d49c4ead5

SHA1
1008b30abead1945f2fdb4f8acf106bddb8c314b

SHA256
b87f7697bfdc20197afe2b9b5950f52230b9465b37d8ffb77a9092661d91bc2f

SHA512
7bc988e32393c548f0c7ac6858fe13665ca835c1b2b2165b7a652e6bbdf6669acfae1f8e69ac03b646a6286640daef8dbd6b552883806e3df3890a5c5710c05f

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/js/main.js

Filesize
1KB

MD5
788fcbbf403fb5fd860e9677f301052f

SHA1
595ce1dc8fa3e909e24451bb30441ac983a09893

SHA256
ee7d3e02a08257f8e9df5cb62282014812aad14caff3e9d7df2a3f33eed28751

SHA512
fe97cae087e32bcf04b3c8c07801bf06ca004104f2ba9d8a4ece658df847e0011f017e212b15aef062e42b3c33827521636ceb684784677aff17a5856dfa9a0b

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall/js/vendor/jquery-1.8.3.min.js

Filesize
91KB

MD5
3576a6e73c9dccdbbc4a2cf8ff544ad7

SHA1
06e872300088b9ba8a08427d28ed0efcdf9c6ff5

SHA256
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

SHA512
27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall_feed_json.json

Filesize
1KB

MD5
af0218d581da8f5062ccdbacedeaa69d

SHA1
e70643530639fbeb49327bb768ba7297bb7e525b

SHA256
d7f41426355991a86510d3d4086451818ed1d88886a3a1701cc8325f13e16a9a

SHA512
1787de705f6078f82c72bbd1927ecfc17c563ceea6c8ab80a7c5227d126ea51145aebb6b0708b6b299f13082d95687e5e134b1c6e5acfa0f96568b0f2261cf64

Download Submit
/data/data/com.erenalp54.screencleaner/files/offerwall_assets/offerwall_flow.html

Filesize
708B

MD5
24874e584dcd80c9ce530a3257e1321d

SHA1
faa6f64ad2d1366b6bc42bf64defb294b653c047

SHA256
5c8c4e3129dbe8258b5440a9bdef666e65088654ad8fa42c0f48693b30c4213f

SHA512
1b755d50395792f9aa82c8daf78e2cf7cf158cb428b557931589e513d8569e18afdbcdffa4c2cff874ce5000b66e9f24fda57104853bead1e4678d859a462529

Download Submit
/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar

Filesize
4KB

MD5
6175efac331cdc88f352d62e1e1b596d

SHA1
d2e2e8ccdd8ca885dfa83f28208459ac60e9ec1a

SHA256
3d3736a254adb3086b9cb9017b52fc7dbcaba3043e284ebf90bf27c0fa6b74e3

SHA512
c5ba4e091370597ff6780beac694a37b1fd9400a21f20b5a388a62a04253054ed91ffb14d2e84c233b7e4760f6f92fa324a98b88cf90dd868b4ad7f6db3e49f8

Download Submit
/data/user/0/com.erenalp54.screencleaner/cache/ads7904591198467793150.jar

Filesize
4KB

MD5
12670a32ad1380c9021a9e74aa5f2281

SHA1
7e8caf0c7a4d78452efb90958e8ce1aae5148e44

SHA256
f3c142f78cadcb57d7da3d8e4dc5f8c7b05377417c639059910696c844afc1f9

SHA512
1277dde373cab02d5df62732834adb79f8dbf1d1a9ac56b5b348e354317fadc24fe20b5ebdd1ecc28f8fc98dcdff807d2839bef75ef7d871e976e68a95851b06

Download Submit
/storage/emulated/0/.tapcontext

Filesize
18B

MD5
7e6c787c297b755effc1faa040edce95

SHA1
95fc631191a2034314028727ee13730dda7408da

SHA256
8cdfa9505fbe0d9617f08d27d7d99d3f5dcbae701cfcccb9549b342cd16c253e

SHA512
b1d96c1e05f38c3993e7bbf48d6ae74c7d6ab73f2af3bdc8736d72efbeca05f67624a0850b170ff2b103db25b680840b564818204e1f8b05c61360228f369059

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads