Analysis

  • max time kernel
    2311741s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    20-12-2023 01:21

General

  • Target

    789af85632a69be79983872dd17513fb0e9fd090273751dcaea0b481e1323c69.apk

  • Size

    6.5MB

  • MD5

    f3742c122727d8752c71b52758520ca8

  • SHA1

    d5b3f774699ec91580716822a67f33624c8c5756

  • SHA256

    789af85632a69be79983872dd17513fb0e9fd090273751dcaea0b481e1323c69

  • SHA512

    c175dfdb9ee25c96ac897f570c401ed5d8f92d977692ffe3b3d8c21b277d975e0ce5db36a633006a5c651782251a0aaf8bcd1712355a607e5f7af16abe5ab076

  • SSDEEP

    98304:0vcRciFknsCMid9PgYK2Co6J9aI0gVjbbUjXAkmNY6y/btyMtiZNyVQxvSCzSJa2:7ciFknsadt6SIwbUiLJyjZUVaKCmn

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to get current cell location.

  • Acquires the wake lock 1 IoCs

Processes

  • ir.mortezagodarzee.shirinivacake
    • Requests cell location
    • Acquires the wake lock
    PID:4258

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/ir.mortezagodarzee.shirinivacake/databases/__pushe_base_lib_db

    Filesize

    4KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/__pushe_base_lib_db-journal

    Filesize

    512B


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/__pushe_base_lib_db-wal

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-journal

    Filesize

    512B


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-wal

    Filesize

    4KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-wal

    Filesize

    4KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-wal

    Filesize

    4KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-wal

    Filesize

    28KB


  • /data/data/ir.mortezagodarzee.shirinivacake/databases/evernote_jobs.db-wal

    Filesize

    4KB


  • /data/data/ir.mortezagodarzee.shirinivacake/files/unsent_requests

    Filesize

    58B
