75443cfc528821b9849ab37bdb494425585d7ed9df5bca4247100588b2ed51fb

Analysis

max time kernel
2290460s
max time network
159s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 00:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

75443cfc528821b9849ab37bdb494425585d7ed9df5bca4247100588b2ed51fb.apk
Size

13.4MB
MD5

02606c58ff44b1ce5473912682c88729
SHA1

2def1002ba98a2b9969d9348959d8daef025468c
SHA256

75443cfc528821b9849ab37bdb494425585d7ed9df5bca4247100588b2ed51fb
SHA512

6843f71a5e67dc47b177e6ebce7be0f80aff4c205d94d5941f5d1dcfd9c3a43d61a28c5877cd9744667d0312557f2482280624b221b9e8d7e80142520c212d91
SSDEEP

393216:imaBC9u9O4X9uGtUNCK54bOZkLx0hb2r2fZRporc:mBVc4X9uGtUXzset2r2ffp4c

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.fp.backup
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.fp.backup:remote

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.fp.backup

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fp.backup

com.fp.backup
1⤵
- Requests cell location
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4252

com.fp.backup:remote
1⤵
- Requests cell location
PID:4291

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fp.backup/app_data/5009

Filesize
23KB

MD5
5529d8e2e8e5a90bd02a6d78e0136fdc

SHA1
903b0beb0c9734db3c9636d9447c7917b2612c35

SHA256
23e6ecbd057fd703bd9520df0588b50f42079300a742dae57040254c7cd64702

SHA512
bd97a657d1dd7b5102f5d48f16882308e188e65458e77f83459d99a3073d12777b36d4290d857bd3ef7527c808adf9c2fdc432676ffc820867a38c5be04dbf32

Download Submit
/data/data/com.fp.backup/app_data/app_start_up_method

Filesize
12B

MD5
67dc355047b31db64c78f3b97543e913

SHA1
be92cc5667ab12f4f812d0f82c8377a194efdb99

SHA256
1bde54030b6e2219c53932d5780fa5b4f69df62c0ec184513144d29c0493e297

SHA512
36a25f1f1198e8bbc180e9e1331870433d7b98dfa5dea5e7911417d39fa7b65d0ac8e1013728cc12ae0721ee255d95e0a6f895b20efc5c981154a6975f64e87d

Download Submit
/data/data/com.fp.backup/app_data/busybox

Filesize
1.8MB

MD5
2e43cc2e8f44b83f9029a6561ce5d8b9

SHA1
f0d866ebd1bda1b4c4e99ee268ce400a2b4443fd

SHA256
c2bbccf5831d623c1fe19f3e7e2283df3496a79a561fb70dead7f3bc8b9e679e

SHA512
8772fc435c363422711e0652bf9faf4d6485e461269f0a4e3e66e05019e81c11cf99307ab6fd62a39c7e55123f18bb74703b51c5f8fd5233a5f58051ecbe292e

Download Submit
/data/data/com.fp.backup/app_data/cs.log

Filesize
17KB

MD5
0a29112666f00e341389d00b1a852de6

SHA1
f5283b25179b20fc8735c704bfe18866ea10c18a

SHA256
cdfa63e0b8a56c68fa3d0770c01a5370ac5fe2c44226a2e690e27b636fc0cf0a

SHA512
771459ceb4bf8f410b8f53528d062adf0778b989b3f77ece851c2e3f6da66e8492ae7504ea28d6a53904451cca90d6920cfefad8d741a5f9172241a7f7fbec71

Download Submit
/data/data/com.fp.backup/app_data/cs.log

Filesize
2KB

MD5
3f22dd331bad612a20710bd386711efc

SHA1
049091fd43dc0f2eb1f9ace6951c9aea2b7f4155

SHA256
51c2d06233b6b0ad7a20b22871186bac194e1981f4f02ef346b3fb581ade1f45

SHA512
158c4691409e1171267584d7e9dd1c3b0155b76ff0c86a9feff8e327ef64cfc2bd65e213eacff6b8e425afdfeea414108c94110a347129ee5cf68e7ef9c123a1

Download Submit
/data/data/com.fp.backup/app_data/cs.log

Filesize
23KB

MD5
7f77c8a80398d77acc077b4ddbd5d972

SHA1
ef0147263158f037b897f91a844067796cd4917e

SHA256
3ed36441de774ff0cf08c08942db20911e79bd778a8908c03b9db188713a2b78

SHA512
f6258fe163e2d7c914607359624736c6c73b0103afc97c78b02db3a8ca9043722a89f7a37f6ec28c421adf4cc598ec6c853314b211ad956978eae47f16a3cc01

Download Submit
/data/data/com.fp.backup/app_data/ddmmgr.db-journal

Filesize
512B

MD5
9d611f523ebafa7151097055db9f5019

SHA1
1ff80114c23daadd137767eec6712223d008393a

SHA256
69c72a7a809fc1601a802bca9b9dce8ba34cd3781c4699609d9c6ffa7159932a

SHA512
367a21599a05e0334ff0b105f628a6f2850f97f0db9c55aead0431b5617b490eef251fcb576a61fd916079479dc01e7d65088d029d7e2e8a5e0737e1b3c76448

Download Submit
/data/data/com.fp.backup/app_data/ddmmgr.db-wal

Filesize
32KB

MD5
e53a96d307d80576ee85023b11a17698

SHA1
aab1742a48a01ff828f91fe1043bfe66aa7dd465

SHA256
38fd377726f9c2457b9844e599babf61513d7f314d5515678033da9888f61cdd

SHA512
c603bede4bec8629e2f94bbdd58da60c0e01e6cee676e7d0afb07e69dd9589fa778d92b402b1531ab4e15e306373c68aac42b2944cd512df8dbf920929754d8e

Download Submit
/data/data/com.fp.backup/app_data/device_id

Filesize
22B

MD5
063a3db0c52ae378ae7173d1ab6bad71

SHA1
7c1425580aeb1dff4dcd35ae3145a2fd781ef6dd

SHA256
101dff13b2d09b3dcc76bab8208d1c4de8972c7b2415501025af3b69ad822a13

SHA512
6eab88571f8c7ed1dd76b3ff494a1369f8fb497788dec49b816518dec34f77d64484b4b00bdf447d358af3fed5155a01cea2d8ffd6f859a9c8503063de5e8ef7

Download Submit
/data/data/com.fp.backup/app_data/events.db-journal

Filesize
512B

MD5
a9b6b3bfe18001830099aa7f9e6900e5

SHA1
8b30ce580d05e2fdb5ac9eafcbd0b23a8fa6e1bc

SHA256
37946e4c5cc7abbaae808566fea7fe1539b293f481f9ffdb645dbf707d098789

SHA512
045d0341ab4b7fed8a2082317a46729f3825af4f5640a6ad5ddd72d8bd3020766834bba8ef6e6528fa8ec93218872b46eb6534d5d2eba004a0065198e2be08a1

Download Submit
/data/data/com.fp.backup/app_data/events.db-wal

Filesize
16KB

MD5
a74e7743810f0d7e8f157b8f0098a006

SHA1
f7a7804f45d326047ef719c7fba173c27bc8a4b6

SHA256
00daffbe3d2cf4c9d9b7fe587e4e066274d2d515044f56610d044617d1ebf6fa

SHA512
46432c8913fd1d76dace46ff7e79e174fabe4392c6637f38f902b392c4eef09c597d1d15b34eab00c4f331e184b725db49bc77c55ff9200c4c4e37ed64d2e022

Download Submit
/data/data/com.fp.backup/app_data/ffmpeg

Filesize
17.6MB

MD5
efab65c8885bd5594996d41fd5d13b1b

SHA1
871888959ba2f063e18f56272d0d98ae01938ceb

SHA256
1f268a790407d56ddc65afc0b10658a646156bf535519345510ff8347ad7ea5e

SHA512
ed7046029b9f945cc55d4c9149eb12000d27a31d11d6b80ac24ba33d6da6e40de854dd7cb5a3bf4743b3d9a73653917ab5d0220697ff16e89ca0483be8428e78

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db-journal

Filesize
512B

MD5
08e3c6900309b8b1443c17da856ad890

SHA1
67cd881f2716590efa12e02b664b33e80e079124

SHA256
62d3b1ac0cef7c4ae951be5ae99d099de175ef7972d38ed960d5528eef616778

SHA512
587715e202193b57696e3297fe7368fe56af68b0b9ee05a85c258c161007a6ad70a17725050aaa073a37aec2bae572c3a22aba2fa4e6cc2fc01ee718f31db674

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db-journal

Filesize
512B

MD5
511a0cecbfb2851fed96abe324bec588

SHA1
77d3c858088204ecae1afdd421cf0bbac61eef44

SHA256
a1082e07054e4d8bef9aa9fdfa49e37e2e3d7b373acf85775cea8c657eb2987d

SHA512
4b1d634d4e56a5528b54cf8a6535837b30d99b224b6ef3108bc7a53090958982e50e27cdae3c9272bd1255f7f73ebf7b8c079a84f5f9d4f8555511271019f796

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db-wal

Filesize
60KB

MD5
7801ba5505b0939678735b26412c5449

SHA1
ff93a0f23ea45bcaac860deedd146e24e839821b

SHA256
b27d83706818574a1daae83bc0bca27eebaa69354b6c388457735c9a3e6f6e4e

SHA512
d906d8c8f7420e7dd50705ca923f02d0f024cc99d84693a6eb49f2a1dfdfbe36c9f2cad3415449154afc8f08de1022f40bd927c1931f35ef796e3910c0a6d88c

Download Submit
/data/data/com.fp.backup/app_data/preferences.dat

Filesize
5KB

MD5
33945acbb44dfb21fe05831ca236ceb6

SHA1
82231bf0c2129e042bf9f73da6e04c394d7a26c5

SHA256
2cab1de1a7ae7eb0e35b8bdf5f262049b61416ee2ca2733104ef6de52203568b

SHA512
d4512fef4483024651eddae4bdca81fe655384c08610c92068d1030067b231fabbf310eece983286babf708c4963116bb2cd8c35fe98cbb1d7c15d88017d8e58

Download Submit
/data/data/com.fp.backup/app_data/system_url.dat

Filesize
397B

MD5
7be0709473f4901651517048e3e8ea2c

SHA1
dcc4eebcec1d7c58c3006a3918df8fa80ae752f7

SHA256
b42d22ee303a05de64fc30063740653ec76bf290b109c5e085d6b2a7d8feb465

SHA512
0dddcf316375d176de70aecb006f50fed335556e6d174aa0dbb88440632ff4bd2091af16f4809cb8bea592166d56437cb57c161c21c0383724d41bba025cac7d

Download Submit
/data/data/com.fp.backup/app_data/wd.log

Filesize
4KB

MD5
a67da21af543ce8b417d02fb489220c0

SHA1
de2bc767a5e3eef6ed33f450ad3e082e9dbaa9f6

SHA256
ad42900bf41b45b28e021800f6aa2ad785f37b403d6e03416f90c8934f871a6d

SHA512
3753f7babd00b9eb5824612a73cfb6e8f4b099e8c3a8c6c3dd5e468ae6be12d001851d33b911357093f627481a87769c42baa4817a967a0db1ffe00db0b824c7

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e6c753641779a1016894859df0513960

SHA1
b72747af5512037b222280667c55edf80761c9c7

SHA256
20e04623769a499dda57f58c7c8514ddc13d8b52123b9d3eb1f681b3d33d34c6

SHA512
59a109ada7f2b60a878d49353b138db0319e08cb66a19b9ebee10a718f8fde16c9783f600b9e195811f3b7c04498887b787ede3e59001df2189eae10d4299df4

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d2e67def4df5a22613f40deee0df37cc

SHA1
ae20c48873f842e92f90b198b67a76bdf210e5a4

SHA256
d6c67275473dce1bb9fae882bdcdb3915fd3f60acffc23b25805059d9362dadc

SHA512
7cb5cbfa594d457c32f7a7697e66c4c57284e8beda744f1f5313c586da278dcb421ff3fded054c992f557841a950c7851024b66b75f44585691f5200a8c8de87

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
53ba1f2f0030d1c23d8c64feafed689a

SHA1
44c215e7dd3ab75e2289872798a3e5ae845efcfe

SHA256
d496a52a6dd6e2fa024882df68298d3ed0a0048951a68b3861cf3de1331d8aa8

SHA512
80d54f88ec2b592ab8540b746fb7f7392ca317a23d757134d590c2a7571614c660171859be9a6b73b1ddcc4ed65bee425ab44b5922a0a33441fca67f162d6d7d

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8b49e8702f93449bd04a8b03238044a6

SHA1
16c23b1db181b487ecaec8d6e8b37241c73600d7

SHA256
435e39f768d978700a43b027efe3c6f28ca80c209af10e3d87c395fbb132897c

SHA512
f2bed36a4f79eb5c0eac1795aae77b0887537a9388816f6c6d45f59ba16028f58171b801fb9b11e1f0011f3be67590eefa65a8a1ffd3b694e97f6d606405207c

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
714698801b5bb940ad060846eda358ef

SHA1
319a3e2ac0d48dd471a609904f0eea57f5a4c2d1

SHA256
e2e960e37890eef0cfc9e277cb092423a098a1bfca7a0218364a1067dd95c9e4

SHA512
7afeaf0ee9e6e95ac07164f2b95e08e694e9e08d5ace9f53df8bbb57c60aeddfc5ea8b1ae1e7ebd46d736fb915c25452b756e050564ec6a3ab4384b9c7425492

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
62384c29285fbd336a72dd7054f25fa6

SHA1
71eab8e4b22d19a61c1e8af7b6ee5166f7acc455

SHA256
4652457225bc29bdd0fc3e257017a4f710e0ea5180d8c3e24ccd1cdf59e24825

SHA512
5aa49e33b6a3fea286bc833fd94f0340a28b563bdc638e1827921c71011717c9672ce0db455b4949f31b52bfa48265cc9fa4dd1f13e5e2aa8d00ed0a70cd65d7

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
215a3ffdf49d842d35819bdbefbc3c61

SHA1
d9b31cdf77ab150fce6c85ca7dd866adbeb2a767

SHA256
05d5a95c89dcbb1eed78ff8eb07e277713e6ba48c45a4cb0562bd6fb80dd19d5

SHA512
bbc4940781e1372551419f3ab6aa0b30192ccc05176d2b9419967f275d5532e8bf35921dd67c908edfbe3966085c0f5fc86c24720704cbbb2f5b963a0408f5a6

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
585f27a5042c08608c31894a3538a52a

SHA1
f59f69122fa616060e9cb0d33b5886f48e8125f5

SHA256
44c36ebb60e887252ae26d67ec8810813836f010135905cb9bd291e0ec7e7cc8

SHA512
cb7b0cd2dcd3b2a3a507170c70f32f675311f1c884b791bbe7a3868dc9aa3f8f8e7156921b174afb39df1c4a69e403b130f80ee1aba45202169064a6b7ab2a98

Download Submit
/data/data/com.fp.backup/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
23cdb4a0c3ce14b0f6b346e64eeb6c42

SHA1
1141802c0508a9a7bbadaf03d1df0c5f808a1e76

SHA256
5e8c54f1fc4c7b1148dc77cf90c9579da3f2cf822c2b48086324fa6f275d9876

SHA512
64e69dfc110611f5729a939aa26c22511244e05cb6bcfb551dc46a8a507b46daaf62afdd6eaabfd38f5596a311526129b472099d36fdeb3de5d28450c24d370e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads