Analysis

  • max time kernel
    2367614s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    20-12-2023 05:33

General

  • Target

    87f30af436938f2a776e7d2020457ea5599558e401a3389faaa8b5414e6e2721.apk

  • Size

    2.2MB

  • MD5

    a492cf1a84c67ed311f4f519082956be

  • SHA1

    0d9150161259c752b6dcafe21e6f501582ae1625

  • SHA256

    87f30af436938f2a776e7d2020457ea5599558e401a3389faaa8b5414e6e2721

  • SHA512

    466a36c13465bcbb72faa070b41fd0f2b7c54abd899e262b770df3a4bd6c4394a60b7905df9deefea066bfa2df113f5082b09ed161a7ae2c244ec1c68a9b1f43

  • SSDEEP

    49152:yvg1pMZjfr8sTD1ht9YktvhgiYqsm9/4jO8qXO076Fpf:yvgPu3rTDd9Y6yqsm9YeVu7

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoC)
  • Reads information about phone network operator.

Processes

  • ir.stop.devsalmedime
    • Acquires the wake lock
    PID:4913

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/ir.stop.devsalmedime/cache/~test.test

    Filesize

    4B

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/ir.stop.devsalmedime/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.stop.devsalmedime/files/PersistedInstallation4709790877777503384tmp

    Filesize

    90B

  • /data/data/ir.stop.devsalmedime/files/PersistedInstallation6751444062557309813tmp

    Filesize

    568B
