Analysis

  • max time kernel
    2236991s
  • max time network
    59s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20231215-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
  • submitted
    20/12/2023, 03:43

General

  • Target

    Duolingo-Premium-v5.132.4_build_1766-Mod.apk

  • Size

    54.7MB

  • MD5

    f1329bcf46ea6209c8ae3cd62424f5c8

  • SHA1

    c41b1da5604c16c10fec6cbb72c4147759e8df5f

  • SHA256

    ee5dfd247138492436c2df5ea99714192794280fbf25bb49202128f2b1031b10

  • SHA512

    77ecd7c575585b51960f47c927f4240d34b9ecbf415e91a6b64bc9cbf6cd4c7daa5586eee36c614c3f4c9795bbeec6cc896b8bef8992b5cded564376d9f7515e

  • SSDEEP

    1572864:pWR4ylDUwduiae7GCVBvphWdHjxWfCUL1hXpd0+Zxx5xV+VlXP:cJlDU5iz7GCLvrWdDxW5L1S

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Checks the presence of a debugger

Processes

  • com.duolingo
    1⤵
    • Acquires the wake lock
    PID:4366

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.duolingo/databases/com.google.android.datatransport.events

          Filesize

          56KB

          MD5

          c1c96a9687bf3fc50b88a7c573030445

          SHA1

          db475d98f10cd3a2f717e7e3c04045e8c0892261

          SHA256

          3cb365575cb38ea00bc5c011463fb3f4fa6a9d89c1817ebdfb5d2b5f5ea6445e

          SHA512

          ef6e7bf08f53349f261c126f21da47c7fe73a46ec5ffc893cf153bf9b1812a0f4246f572edcefc86706f6656341cc5ba9b01711df08589a2dbf513d3cf4fbf9e

        • /data/data/com.duolingo/databases/com.google.android.datatransport.events-journal

          Filesize

          512B

          MD5

          4082f0fcdb66fd028fa3a3f46e48496a

          SHA1

          b525e1ab552a49827cb85fdabfae6d792606429b

          SHA256

          21273e7c1d6468adb3911746592927faaaa795e50718b14bc07fdf1eefeeedb3

          SHA512

          aa6a4bb7e8a5aa50ca48732ea5a37520365ac38bef43ae8734494ebe18805a5a37607495d7eab754e2e1863d11806d27c6cdae1bb5c38ee1dfd88662ae99beb7

        • /data/data/com.duolingo/databases/com.google.android.datatransport.events-journal

          Filesize

          8KB

          MD5

          740d5a7e222ee7bc8a3d4efa51d73173

          SHA1

          9925f7487b3b2b9b642e5ec1e964f09df8d6d3ff

          SHA256

          07aa97a5ba8f127683c909fdd4b72ce88843d472e493a486bb95fe7b07130ac2

          SHA512

          1dec90b04d76a3811dc6b2b4afd2354fc92a6374f533a084a439f748ae3635817f32ce2390e2871ced260bcdb66d35e25a1451cb725748c3277ea430be1592c3

        • /data/data/com.duolingo/databases/com.google.android.datatransport.events-journal

          Filesize

          8KB

          MD5

          075af0ab20f4a98885596f78c6beeda8

          SHA1

          6e6c0596cfc7cdca9bd3a73b8e565c4c1dbafd68

          SHA256

          2955a8dcdfc7639ead174a5793693dc340a8748b3328868a142890a34197dd33

          SHA512

          5cf5c5c55c4e6c96d65c6528d005fca03506aafa243f32b25eb76cde46d826da8b3499cf0bf43137f405778b9a2a894a54d6c192f4966092089368791d1b591d

        • /data/data/com.duolingo/files/.com.google.firebase.crashlytics/658263B602B60001110ED95F10F4C9E9keys.meta

          Filesize

          556B

          MD5

          a6b8743544e8dc4b7de506655f27520a

          SHA1

          c87efa3b50cb6d814e5d98ba637b956483f8932b

          SHA256

          a0b77272fd7f89d6c799eef8d27b6b82b051bc22d74e7eae70e800b66a12ad07

          SHA512

          3ceb8af28e1219895f861d6622537af901303e764adf186f2e4e65d39f421788749e1524648475929685e04cc190b99fab221248b88e423247923994ffaded89

        • /data/data/com.duolingo/files/.com.google.firebase.crashlytics/658263B602B60001110ED95F10F4C9E9keys.meta

          Filesize

          490B

          MD5

          8f8d233bf8b9d9a648c5839e5585a5bc

          SHA1

          704240a1eeae0e4a233ab704cc215176dc10b4a3

          SHA256

          82eef4c67813c1f3209ad88df69ab69e965a1bd5cb8c9b065ab8424b2b444260

          SHA512

          7e05e7e5f26bdeeab924e574abfaaae767ad6b4597c2d8181491f42de3755083dfb312b0e7681e87f7c289df5ec24c2a4f9115cced0af33854b75952ba9dae50

        • /data/data/com.duolingo/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-658263B602B60001110ED95F10F4C9E9.temp.tmp

          Filesize

          16B

          MD5

          c33583fae4e0b61cde1c5b9227963237

          SHA1

          fe2ebe4d27469af1460f7e852031a04208ef629b

          SHA256

          35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

          SHA512

          fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

        • /data/data/com.duolingo/files/.com.google.firebase.crashlytics/report-persistence/sessions/658263B602B60001110ED95F10F4C9E9/report

          Filesize

          739B

          MD5

          678126a165dd5b8b58e12bd0a72ca435

          SHA1

          ebf1195e2140050c44671edd796e468e4ad17d0b

          SHA256

          a6fbb4631f4330ddeb434e21d1e2cc44aaccdbde4dae9180e6c299bfd54149d0

          SHA512

          475e7c0a649f1f852ef0edd3d56ac2e8dcf4ba282f6645dc05d70bf8b915c7766bd40a1a6793151e59a98111639eabca004066647ecb1f99817cf431c9a0761b

        • /data/data/com.duolingo/files/excess_events/event_store.ndjson.tmp

          Filesize

          1KB

          MD5

          8b0c659c5a9538030c42b1b43d48011d

          SHA1

          f1187571bc0159037621199aeff9b3d61485ab28

          SHA256

          4bf1bef6532dad9cf15cc14834d78195e2f8f2fbce9e223adcad3344750c4417

          SHA512

          21a6c4a80b4f8cdf4ef5c31f9ad28271d93e6c50231f95ab965f412587523482cef1393ca7aa1210ce61d64840402c4e99603824fe33a6853e414ce88007c046

        • /data/data/com.duolingo/files/excess_events/event_store.ndjson.tmp

          Filesize

          3KB

          MD5

          a8fe3f1098dd51e30199bcf89333ed7c

          SHA1

          035171328d504d6f9035e8db711ea75273cd6e3f

          SHA256

          b72be62f6a3d7363b1492594136ebd4b754e74394260ccb060c92e78722bacbb

          SHA512

          bb9b1b7ceb9764638f78841fa9c31fb634900b878e087db712f27abd04561963513f787c671e6941fb51d915320600f4277845b7ef75c192c7e4aa89b3f34fd3

        • /data/data/com.duolingo/files/excess_events/event_store.ndjson.tmp

          Filesize

          5KB

          MD5

          738f87e728f23082eaae9a7adf46b38c

          SHA1

          8bbe008c4debedade137f9f3a0e517e48112811e

          SHA256

          70924d812b3f2cc776aeee5bbcf9b169bdeb8ceda90ef9b5acbe60e21cda06cd

          SHA512

          968f475f6db03d0bfdd99bb6b42732732a180f5806012d2de57ae92da2b9363b090f83c206c1082cac7d868f6c0ccf611f172f30f2321168279d34431c0ad7ac

        • /data/data/com.duolingo/no_backup/androidx.work.workdb

          Filesize

          4KB

          MD5

          0eb157e1a86d4d00aa601dd2f6ff3ee3

          SHA1

          fee434f784e73cc7916322e949f727caf8363102

          SHA256

          b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

          SHA512

          b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

        • /data/data/com.duolingo/no_backup/androidx.work.workdb-journal

          Filesize

          512B

          MD5

          a56f0c013d8446aff39b8ec1b84c6b8e

          SHA1

          20b4f3997d40381ad4a91c00285d50deb4b64219

          SHA256

          9b33f2f891218b77aabb3ba4fafac8ce35b520e5a1201c88473d333b93f0bcd7

          SHA512

          a4a0152b545778477822822b8c0317f0200badce485236c1f5e6fae537ad709833f34b58874b6f56188dbf29ac249ce92d9786d67ce8d62af2fff5f80b2c6cff

        • /data/data/com.duolingo/no_backup/androidx.work.workdb-shm

          Filesize

          32KB

          MD5

          bb7df04e1b0a2570657527a7e108ae23

          SHA1

          5188431849b4613152fd7bdba6a3ff0a4fd6424b

          SHA256

          c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

          SHA512

          768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

        • /data/data/com.duolingo/no_backup/androidx.work.workdb-wal

          Filesize

          16KB

          MD5

          55934d04d129c67a58a71701ce38cd78

          SHA1

          001bad32fd053858c9e17f27a4203cf384721686

          SHA256

          139a537211d41971aeb4b90f07e9b084e66107032f449921789fd62a7be0616f

          SHA512

          b0ced62b7da6fa5fd808cef23151aa0b5fad64915a2a5b35319da4417e498a1cb573ca6c384b1746441eb158e17cd547d9c461b4f325c820231140fa1f9c0328

        • /data/data/com.duolingo/no_backup/androidx.work.workdb-wal

          Filesize

          108KB

          MD5

          532666428f596d91c44c6dca0d7c97f9

          SHA1

          869f54bb776c6f75c5a0d57edca1a67f3e3c1113

          SHA256

          127d119351bb01f8d49a6ae31b372b7a24fde03e1525b11be7336ac99c60b608

          SHA512

          16f81a8d346864f2af2ddc3370dfbe5dab5a9d6241f68852bc14ce2cabd7190ac599342673c7d75d77fca0066c6236221f56a3f797aa07e14837ddac0f875a90

        • /data/data/com.duolingo/no_backup/androidx.work.workdb-wal

          Filesize

          213KB

          MD5

          48935bbfa17492801b7ae2572ac7b7f8

          SHA1

          b2ef4d87fa5fa663a62f0ad4316a8b1533783c6a

          SHA256

          ab218f41611490b0d14d9898f98873ccb3837f522a2845422b24363f05024ed9

          SHA512

          e77d2f0cc8bcf7b1a1e908f108d4faeb7bd1dbedc43b26af8e795c7a07b54f98b5b1403ad06c92ed0d0a68b44b4a22011d6bf07599035f655263c367bbf4bfbc