81f437dcb6e3a68ad3badd2cc79ca95361f57bc690ddf4592a50596f4fa44b0e

Analysis

max time kernel
2382912s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 03:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

81f437dcb6e3a68ad3badd2cc79ca95361f57bc690ddf4592a50596f4fa44b0e.apk
Size

1.6MB
MD5

0346504bc015c70d3ef8a3b5274f1295
SHA1

5a226ffe700292cc9877e345ba5c544df502c05e
SHA256

81f437dcb6e3a68ad3badd2cc79ca95361f57bc690ddf4592a50596f4fa44b0e
SHA512

2d09f2fa751ef28385d30a6b6d380a2ec94272ada8f91f72c028377ba74ffaa7bdc8673bb6654a73920e11c5d7ff7c2abcdc63ad82de64f5eaedcc8c994e3ccb
SSDEEP

49152:yzVLm0XZUM3OZakjZSDZIfkoB5hkmiLCLtm8S:yo0XmlgNIf1jiktrS

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex	4439	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/oat/x86/93b3fe6d.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex	4411	com.level9.oiltrain.transporter.eurotrain.driving.sim.subway

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.level9.oiltrain.transporter.eurotrain.driving.sim.subway

com.level9.oiltrain.transporter.eurotrain.driving.sim.subway
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:4411
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/oat/x86/93b3fe6d.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4439

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex

Filesize
261KB

MD5
5448fade2fc7aa579b2f32cea470d4a5

SHA1
11150277806996f22733209a79b54d5bcca80665

SHA256
7816dc7d3f88748d5f0ab9219f0b10f3a30f534e66a2b2aa8f58753d9aa2b7e9

SHA512
486f76101c962af221dd47dd2fa160776b6d4ec14ee2f38710cfbe8426bc837a2d978fb16f46e82181e92056dbc4dabbcd7b1c55f245ef1a947b2820a8e9d185

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/BGEaUZrY

Filesize
503B

MD5
66e5432d419e60da96537ce9f4731df5

SHA1
ac73bbea2fb246e44b51bcf6b4e8af30237efe34

SHA256
d530ede9a06625c7a4da3ffa76d52a81de21e5e9c7b0445f0c0e45c07b1071d6

SHA512
f5f3d4ccf5c500633e03ea81a8118b74cafdcdfab8d63119cdafd1c14d5cd5616af6b85ce7cab3764028164cd119b8519d361c3bff2a01b11d4914f543a80e5f

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/BGEaUZrY

Filesize
739B

MD5
501287b1be38d0ff6d035fba21462f9c

SHA1
17d6fa272401ec3d2e8b8cb1f41b66edeb642364

SHA256
f43b861b2363ec6fc295978354386d8bc26ec443594866277a96ed0ad6796475

SHA512
c08cddb0ea6abf80575fe55622cc5401ef15ab65a435d35f7df92aa57f4b5375d9f2ae01aff5486c07894b7f87daa794016cdecbdd1a60a130b175a05ed5eae3

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/PersistedInstallation6327648014050646162tmp

Filesize
90B

MD5
df71428dacac3441e4b2400b4894376c

SHA1
98a45d4c7c8704f4db5f17c580bd08c484be36fe

SHA256
0ec33dc54423e4ecaa38fc266db79ec290460f97ee44e73904b06a01397cc3d8

SHA512
1e35bb78d5a82ce55cf51920ae2bb8a24a94549fe053bf19506f98df0273082b5d19bfe394f9e0cb3cb928ce0be3e781b5321c6522f3e1e4d15023f3a31ccf46

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/PersistedInstallation8303153058671356688tmp

Filesize
569B

MD5
1bfd7bc4d99af3dfc2fa2a09561bd011

SHA1
419bf77fb43d407a6bdd12d2f3b795c83bb3ed44

SHA256
107c0643c8a0b2f1c72eccf2592b0c0dece092b02be1347dda57918fb7693224

SHA512
b81725e8e304e76cbe63b86a9e4752bf99e6a30e0da5d558376adabacb9b2a8633d538aca65d712d25a0a222b7e7443ea92c4070eb4834c812c82512eee18799

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/TrPJFdsN

Filesize
336B

MD5
59f0bba04a362c2df97c95a0a366d937

SHA1
4c37989992d8b64d8aae5e86c6e958df9cd17ccc

SHA256
a1794bab86884027c52c0b0610308e3bb337bb700dc534a9d7d5775c69e8aff8

SHA512
e9700e45a36d15e355d5f17f64da9b609aeb19045bdd28e514b348cc2e98bdecbe0919fa4773e64d76d866fe8ad634f6c7a9df82806995f5879e14de5be72434

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/TrPJFdsN

Filesize
336B

MD5
2b22bdd1348c57fb6712121606f9eab3

SHA1
7631a11d5314e7f452d532b31ab464231826934c

SHA256
33d835669620c21bd9eaf35f32322e64d22092c4ced559e566ca7fb0b8013d9a

SHA512
ca860d69d39ef267adc7fbec6ff0fe5a6d595ea813deba33bbccc041d117e9ce063fd457f4f92a49bbfe262f399cea3236f92e842abd7542d62a8d203561e4a6

Download Submit
/data/data/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/TrPJFdsN

Filesize
336B

MD5
872fa7eee9d2c3a20f5c0af9e02dd775

SHA1
cdd191662e4592152813d8f21ab2991aa2c15c34

SHA256
79238bbb254b5bd52009056419d9c24c52fd00c1cb739743c18fe79127d48ece

SHA512
3b713ae7c29b9585c87af7fd0fc42ce8f8ba121de2611a71add0e6e7fd4e578b2d45548b84b8a4ad5b1a0152f3038fa6b4f545d4c5e0bcfe02ca0510bd95b29e

Download Submit
/data/user/0/com.level9.oiltrain.transporter.eurotrain.driving.sim.subway/files/93b3fe6d.dex

Filesize
613KB

MD5
829a78d6a6571604b7f7f49e577719e9

SHA1
6ef60487216abdeae20ba43c291ac93c7b1dd631

SHA256
5d72c4d14c8b256e195c360e2262ada4032fa2d2c5ce4528404da408fe2dce98

SHA512
5471b1b9b9714e3ceca5a30e26362416c17335fa0869caf7cebd0afb96125646727c6473bf91f48f46ed3e8fe95d72f602f3043a8c3a09365b442f822c73c531

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads