7f603216a0a7bae2c8cec65a800608ac22cfff8cd98c699677e44d36267a9798

Analysis

max time kernel
2350952s
max time network
151s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 02:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7f603216a0a7bae2c8cec65a800608ac22cfff8cd98c699677e44d36267a9798.apk
Size

6.7MB
MD5

43bd113a0952172bcba57055f5a707bb
SHA1

accdbdc724fbe4a45c4de5f9f0bdfc369e8fb35d
SHA256

7f603216a0a7bae2c8cec65a800608ac22cfff8cd98c699677e44d36267a9798
SHA512

cfd33f70fe0bc7de2e2af0f58c3eb215e8326e2bd694b0bd6ff9183abfdc5bf742f2e713ef21fc634ce2d38f8945b88e9a972b996af71c0f3a71616c74255845
SSDEEP

196608:wJevH3JnYUuWf6p0JyzMJh0XPfZWxFiFyTnf:wJev3JYUuZylGf8Cyf

Score

6^/10

evasion

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

air.com.arsnetworks.poems.moshiri

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock air.com.arsnetworks.poems.moshiri
Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
evasion

Processes:

air.com.arsnetworks.poems.moshiri

description ioc process

Framework API call android.hardware.SensorManager.registerListener air.com.arsnetworks.poems.moshiri

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	air.com.arsnetworks.poems.moshiri

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	air.com.arsnetworks.poems.moshiri

air.com.arsnetworks.poems.moshiri
1⤵
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4250

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/air.com.arsnetworks.poems.moshiri/app_Parse/currentInstallation

Filesize
406B

MD5
35d31dacc247b30c7de2075ec824f839

SHA1
0a383359d1e1b986011e964cf4de506893061705

SHA256
dcf14ac9701d53b21bb1bfc6812f940b352884a6ac0ba5e97a30e96db3503bc0

SHA512
795abdc23b8ac35ff659db28324a5fec590a712fc89fa1389bdfc6932bf261ad11e8f3a40843d9a0dd56c0f1dee46f726981b872a7b11115322255b4f5761093

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/app_Parse/installationId

Filesize
36B

MD5
c9de5245dcd897bc9dabe3fa5e4f2e97

SHA1
b14b920d7ef44745149a57a2d1dd3599e3d0d1cf

SHA256
dd93035efcb7862d94dc76dc20615b4541e510abe3508408d540bd691edf0b04

SHA512
5eca56147fef438148fb7dee56b79f7900c70e112b0493ab5b9ddb9614d0175b07384912a0233ebaafd5e62f03b2f19171224b0d96e625004c5d109eb8aaf205

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/cache/com.parse/applicationId

Filesize
33B

MD5
c8d09a0b17e615521946081ae53fd9ba

SHA1
fb75da3218d3624a92808836cff1ec5b155bfc6d

SHA256
267624001e7c4767714a84aaef592b80f82f18482fcb28c8db302dce8c22fcf4

SHA512
4d03a0d7ffa18e3a7fe16702b7be3dc606997828082535ef3628df3c6971849979d479d7bbd8a1a22cc4b5f92ff142760556ecf31eee38a3ffa58a88a7a15e49

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ef3ca892df2be10d08e6bceb28920dd6

SHA1
2cccda5f4f5f021dcda46e85182df4e084531043

SHA256
98331d0dfbd19a9b36f18fae83e4bc6f608347e466dceda41857010623ccf8bc

SHA512
d9f1a271b41a8158549123a0d5088c02d09f9f137509a4511d3645c8c128a7226033ffd5c8740f1ab56eea298d31fe9464f6ece40a6c75a60de748c7ec86e01a

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db

Filesize
16KB

MD5
63c34267d275188ad756e1e363d48f79

SHA1
38b2c6bec72f1037b1e2a3c762571620daaaa1d0

SHA256
c7937fb9d7f15211785704fc7998717b5aef7eabb10e25df5a09e34d6c3ddac3

SHA512
b4baf0442ff28d588b4ca462a339e5df521630f62db02e53f51c553b60188e3482c752939e57827822db35ba03ca1368ad39bfff3241684bcd945a5aa46d78dd

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8f3189834ff3d464f6537e5e418e45b6

SHA1
87b5d562772d0dff3e27f411bda667f5ba3470e5

SHA256
610ce3642ce3f95f57bf07c38b9285d2e9826816cde0c778f749b081c97306bb

SHA512
f4db8867b842d3cf423d4b8d55e26d8bcec885b90262ab161256e004b62d31ee1b02cdfd1a453ad6b6ff0bf014ba28c934c65eb81449094f46be5f7a98d0a5e5

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db-wal

Filesize
32KB

MD5
db72967403dd58ac6b8ac5b1f2c208db

SHA1
afc022269b1fa0c69f355e5c932e0678cfd4b342

SHA256
5948f87417dc9a48f8935dc24bb357e7ba94ff8a088f91904651e85341db9a27

SHA512
a85d5a350bb0cb2ea21d30fee19227c82b9d604fd726d8082dca69684e91ec16f65871698e05d0863238a1ae692141b69e1864994ba1211aab3b91c8765da312

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ce57a1265461343bcd3012cdfdb14083

SHA1
c6432a208c89af13e942e3a4eb17f5dbc87ce163

SHA256
3eb1695e56985a17e4d5ce7749cfb069a3f9952c8a6c7fc922cd2e557fcf9071

SHA512
656a6b07c94424dd4fe238aa774da51026df3aeac57cc594214213dda22898b5953c439802c9a2aafcfc3801c95aec6124187b44125474037ced8737976b9224

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3d567ff3c37f721988c02f8cd0837b56

SHA1
74006cd41537b1c30893bac1168b3dd2c099c2d5

SHA256
6863b4b5825d9af876c7ad5420f965643b30cef67fe5b88a69fea1b98e4bdd3f

SHA512
f92be1432d156269809324efab48081559ca4d68e711ac9c6653d9813f6e7d5eaca090a72b687689dc5e6c98f07e31960193f402b3ec03f8265dd42e30592729

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/moshiri_v2.dat

Filesize
109KB

MD5
989dca4e043d0fce213803cd083a361f

SHA1
051bb1e8f19d287ec1ef8d6c9b84c17a742139a4

SHA256
acd23691cf0564b725e72117946cc5ca2db2effd171c41f8f006111be5038903

SHA512
b0df6d89e7d34afbdbf53040603e653fc34d43a2cc9fff1d7927f350ef23c91a26ed1a5b0f83ff89b966c3d8283f14802f03e1b0819ad606503c75da2769c2f4

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/moshiri_v2.dat-journal

Filesize
512B

MD5
1f98e61f3252d9665913874307218ccb

SHA1
1783df725a8d7dbd708e861ca2a0ad438212e3f3

SHA256
a2b66b3cf7bb8b3725f71d450157b013c34b838fd06f201d1993303a632b92ca

SHA512
e7f474a11c5d3a7a3d0ad3ed6fcc367cdd463622a47e632a2e1b7a3cbd088ddf4f8b3bea92527a75be710ac9f41ce651e82b3cafdece07522386d0ba4ed1a561

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/databases/moshiri_v2.dat-wal

Filesize
20KB

MD5
1531490d8d57d232ccddae60ca57fd21

SHA1
b45cf036009114ef2e5bd2d3fd8f41e903698081

SHA256
2192f94245ff4f753f865022c7eb0eb192fb65f4fa1b1c28c8c28a61a201a184

SHA512
54bbf303b6d57eadd47b4921359e78419025f5fd4e0a8df8ce0b052704b5aef42a4db75d00a9b95d22d2e8d2f76935c2c0d5b57a65ed119c4409c9ef4a1531d9

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221.tmp

Filesize
94B

MD5
69ef529a501ee121d11596ea07ff68b2

SHA1
494752cc934c175438aaecb5d884fd043ec86c9f

SHA256
18eeb687cac8592829746d56e670acf70d47f84ef48cac3120ddfb7918ea1001

SHA512
15d657e360f1ac43c513ca40de674a43e4d67b9f2c5f7252ac204a5c7175f2cb8820b8cfd978ae7689221c664060894732290c694c1e2a19d644fc79b610862c

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221_112638045.get

Filesize
230B

MD5
1907c11fe0cd22d923a9787e6c680bd0

SHA1
6ccaa817c836b090bba8dc4adaa66fd0c6ec2d95

SHA256
2505db010aae9e8e9cc49094a9274e02fdbafd0b2eda4c23d092a46f8e3303a2

SHA512
6af854e55693a49e5e29eb9e6ee0ac2b1f35f1776be1ba6a23ad13d5b0c9ae940ef346ef1ae3e872ff1a7ae4d0f0011ad4b27db595036b4a77b03e663a1cb83f

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221_112638252.get

Filesize
51B

MD5
f8238ed12a61c4df8810190fe986d348

SHA1
55d1cd6e433cfc770271a6bf9d6e22f514e83c98

SHA256
fa873d189de4a41268211cb74ffd042bfc6ca200b7b3765bb841ab5fe9c976f8

SHA512
88a23fc07f28d7c8ef76ba691eefb075544f09437c3d5cc4753746fcf9bd3b6b20b0274e832b87c45fb292150d4c3feec5b66a98777962905e67adf96123b312

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221_112638428.get

Filesize
51B

MD5
56f067e025c47d9b8d20f2d2f7d9dcee

SHA1
eb16fa6bdd1f38f1de10a27be4497edd4e1b5936

SHA256
871cb419704a0f47ba704a662ce0bb3438b8a66a27a466d2e3ab21936c5441af

SHA512
78aa7748c61e266868690d5136976acfefcd838d976645071e59add7c234282f2398c70d76567ddaf4c3b5ecb90af0db6708ad332fd132fa6f1247488fc161c9

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221_112638689.get

Filesize
51B

MD5
c518d61b750762759cce4746f5eba929

SHA1
fbc9a9063452da88f3ac7f1028faee64926ef6bf

SHA256
6a59664e81b422333a033cd7e77ad9a5e7333a42dc2dd6440f1914328a83d4ec

SHA512
97b352303ec9d8be5c4f39d41e646d1585b4b4673d168024c9c5335e4319076d66a44db7518f663d4e995c3a956bf00a675c049f62227c66dc991873b46ecb08

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/231221_112639565.get

Filesize
51B

MD5
31c98e2d7be127842b8f8fe3337d5c37

SHA1
893dc8e38d8d524fcc3eb1037434da321589eddb

SHA256
3bbb16ba11cf0385349dff9d3875ec98daa907dacedc0336cbb81bce08a5495f

SHA512
d31c12ad026e7e7651155635dafba7e9dcfcbbecd840aba262140ad52ca32f68ad7582f54faf0e9be47b9a0b183546f9570060f882ff5c607a85fc762fca9d74

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638071.log

Filesize
384B

MD5
e5ae6f9de7b80a8069b54faf8ef97af8

SHA1
d1152121eeb96f3418227f29e9430d1a185f8bb8

SHA256
8d783cc0f984f904883681086e6890306dfe95c46dff29845c763efd49581936

SHA512
dfcee5cc3e892428ebd968d137cabdde7d5c2e25b9aa2947da1fc3d910b045838691c40ccf2d29dc7110c6c18f0a6ad2d284528b3131abfb8c97bf3dc53d3a57

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638071.zip

Filesize
377B

MD5
3d84e94aac64704d3fc7c474d06823b2

SHA1
40c2975875ed5a2493cdfda8a064a3307a7b9f9e

SHA256
cf09ffc7921bad7d8f3e9ae22f36174c478c4b495af3f5636b4b435dda7a5855

SHA512
8448fd953b42f344214ccae29a8a0d1060c2ba00c03d13bd1bc56199ba266e45a0f31777d3b8474ea9089cd31bf68826b60d8ed755f22984e1d823a41f8c3790

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638256.log

Filesize
256B

MD5
4d1e4c8b2eed418efeda702c1f628476

SHA1
64ac5b40d1665a5e824ab7021eee125629e6ee41

SHA256
63c891612a83c6514215f28cc9c94247db994e1b95c57a736938e2458c8eb333

SHA512
c7f84d419db80760ae14fac11f8e442cc1a8a5273712945eff201e1a5d4dc67d5a0efab8c4d0a037940d3f7631343a6f55400f5b537d43e1cafea1211cd94a3f

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638256.zip

Filesize
241B

MD5
9bc9980da821b0ce9a4fca0ebbf6c6a4

SHA1
45689172cc6093e64a7240166246815d9e8ce248

SHA256
a25b47d1f56646012ea5b9725243a97a383c9f75c65c3731c49c904c5a1619e1

SHA512
7ac2542c78c0bb489cf24e0f6831062209bed3762004b47d44273661a0d1ec21c1e2b8f7d01c321dd093de2cfb41b152431069cfbf172f1734f94a1bbe32fd6b

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638664.log

Filesize
256B

MD5
730a97d361478ae7da62c99eb23e7ee4

SHA1
7bd667afd38f37c070e6c7563d2c59f2aecdb866

SHA256
5965b42da1638bc8c2b725233a4841fe59c9069cc0e4b2aa2f92d6ddfa915b2e

SHA512
b56f506d1fc0ece9f529e457d95d4189d333bab4f65b48d9f2c65d5bc85ae60fb7fbf108c0b288bd594e21b7d275de4277e11133c7cd6537b36102fcacd36b7f

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638664.zip

Filesize
241B

MD5
666275231378d9c0ed5cd3c702428cd9

SHA1
1e2c68aef7853f284e3ae000fcc92fff5815061a

SHA256
4ac94be78080e6b9c128097fe1115190d653845ddbbedecf81c66e6f0bb40f8c

SHA512
b3889de6a7fba4eeeb9652c5712b5db60911a6db0e8550a3338ac5afa2c063c4e98e4ebd51a536e97a25fbac498096128264e3a0952846bd84e8bd24ee8fe0ae

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638692.log

Filesize
256B

MD5
ad8e002a549e7a9be1a13be11eadaf49

SHA1
04f408ab4dc7831a4aacf3116f3775108b11b3ec

SHA256
fb66500d801b0cd61f3f7b237086cd5b277c94857b9fc74a839b48d325384d38

SHA512
0d33aa423617f29c4cb1dd2ef79eb2572bd1141aa8cce6f6f009453a154c107e35ed86f5136bab8bf0e6c822884f397eaa475113511a94f85c2bc1304d5ca8dc

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112638692.zip

Filesize
241B

MD5
3de4bb2109dea488c52fff074ad57f8b

SHA1
60c0a433f0ededd00cf70317cd296856677a0522

SHA256
fb41901b89e7cf053b84babffb57c1537410fe97c08c1196ee0047afaffaf2cd

SHA512
0d5ed365a3854a5dea84dcade7ce79f254c51ea54ee49b1a1f83f013eb6f1038b5eda06127a5005b3e5b604295773428d45184bec7f7f370bc89929913861fba

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112639587.log

Filesize
256B

MD5
2af19227d070baf95ef8ba870eb7bcdf

SHA1
9bfc01aeb321256df714b0221f829ec755f75d05

SHA256
d25b80bb5c98deef1a75d36d1c721635d8551ae60a54c6762f4a4a49ffc1094d

SHA512
21d976d352ce1f3d1bd3131779f6a4e9b06385bba83154a693c86ab278d99f3d379b72a58460635901519a2734d52debf8c3aca54d23984f9347d892125f518b

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/files/bee7b7a7f0dca9f9_231221_112639587.zip

Filesize
241B

MD5
c57a2aa83c6f9c83af2b30dfc1129f0b

SHA1
d4ba6a9f95cb85be1976a5e1c157c69044cf12d8

SHA256
b9d22e08fc8a30c9d5655944a1fe20690ab761d505555174022a75f78a0a30a8

SHA512
c79564c7f102ba3e542eeb1db907ec653e84f7eeea07fb02bd2f5e649275f7996dacf7469352634a184dac65a49f040d233a4896a78a7008932a4069ad6c26b6

Download Submit
/data/data/air.com.arsnetworks.poems.moshiri/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
34463b527b047a4235eb00e5bf10e3e5

SHA1
18d1f3a516d941e16e9ca5815b724c8057a77855

SHA256
741c586b96998befa258bbe79db88e31b759a3011f9c1fff4fde4b11760d3ee1

SHA512
74057d1bf52b1d21eb7fcd09b58fab7f301e8bed24ce15a2ccab76422c5cb5dc4162f115957aa8428510f29ec9c06539576a90743ceae0cdc0192dde2229694a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads