85b94f396c873a8b8eff08cf73cbb6545cbcfe76d55666ef00b890313d62946c

Analysis

max time kernel
2441922s
max time network
136s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 04:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

85b94f396c873a8b8eff08cf73cbb6545cbcfe76d55666ef00b890313d62946c.apk
Size

5.1MB
MD5

84b5e5f7d0000f7f890d16481f234a77
SHA1

d6bf8d9d1ff3bd35f43d69239366ebf5b4681791
SHA256

85b94f396c873a8b8eff08cf73cbb6545cbcfe76d55666ef00b890313d62946c
SHA512

ec330f9a7ed5c305d94e5adb520ac30133d6cd74266555fab8e27963d3b1dace9d418264ac50077df6cab793bacce1dbeab654c6a483f845e4db9929a868aef0
SSDEEP

98304:D2FIO9lKOh32ofh8faHAN7ykE0l7tVhVn4H+fuaiUU430e+/VMx9X91u:INthmQYN7Y0vVhVtm/4k/Mx9X9U

Score

5^/10

evasion

Malware Config

Signatures

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.mcmfmemnnpnlnjmomlme.leitingrobot

com.mcmfmemnnpnlnjmomlme.leitingrobot
1⤵
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4256
- su
  2⤵
  PID:4326
- /system/bin/sh
  2⤵
  PID:4460
- - ls -l /sbin/su
    3⤵
    PID:4479
- - ls -l /system/xbin/su
    3⤵
    PID:4497
- su
  2⤵
  PID:4517

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mcmfmemnnpnlnjmomlme.leitingrobot/files/.um/um_cache_1703248971722.env

Filesize
598B

MD5
d2eaac73ee82ab5e11e45cba454290ba

SHA1
386d64571e7eb22c4d06b9b20b959da448638f20

SHA256
4897728da922ed7855e61306bc6e4d87de03e476c8a080bbe93b4a2c52d4ee3a

SHA512
ed9a99553a352a42b63dfc555c4bfa0dd6ad01449d2c7bfe946846fb1793f1c28e4b266b9fb227730ac8f5152756c72cc657d4b79b4363e73786a2061bc2bac0

Download Submit
/data/data/com.mcmfmemnnpnlnjmomlme.leitingrobot/files/eventservice.jar

Filesize
217KB

MD5
71a74f358cd5e52123fc5a3651c8b12e

SHA1
47a72e58feedca07f5aaf064ac8a4621fc76f71c

SHA256
66c2736532c79af3f30e97dd72823963e9e476aaad386b7759eb18347bd8ec8f

SHA512
8be4f612c8287d7ce7dad0d20b7386841d00add060083b5de782ce96587551a4095eeb390e551f4aca107747cae162f31775e1bb796d1798b0d8268a276bd06e

Download Submit
/data/data/com.mcmfmemnnpnlnjmomlme.leitingrobot/files/script.cfg

Filesize
233B

MD5
c80da982f0686ecdf36d92bb4e5ed02e

SHA1
ca94627755cc5c0935e4d758dfb72c62b4e6a6fa

SHA256
6546d5072a499f181aeef8ad57e0973a8fc855850ddb41ac882fda6fec3e959e

SHA512
41f26a5a7da74d258ea90964612822b99870068372583b3a69f1c29faafde8870af9a845aad80ffbf92d558f20c25e58622f9696ed8d987b4bb5bda810c91474

Download Submit
/data/data/com.mcmfmemnnpnlnjmomlme.leitingrobot/files/start_eventsrv

Filesize
331B

MD5
eb6dbd32a4b0784d2df79aded9f76924

SHA1
781c17c5f2483dd93b08eb692d99987d09d33a52

SHA256
280b0765dd4903632aa30ab6ac4c69910a3aa2aa07660f8c5c8d7017ad223469

SHA512
91eb232d9d9baa8f7e563c797c104cd1bb8ae7becb6002fea7ad3f9b037ab1c22bdc93ade49563903be6af7daab5b53a84cf3419873ce560fb6b98b478669cfe

Download Submit
/data/data/com.mcmfmemnnpnlnjmomlme.leitingrobot/files/umeng_it.cache

Filesize
310B

MD5
9d88e87ed5466fb58c994317d1765ae9

SHA1
b62f9a1233eaa2bcb3ffa55f47f767b2f958b33d

SHA256
e4d1f55e2007560a6852fe8466829e41ac730cb0c0ca5be8597c41449c7696cf

SHA512
60917f7ea1ee5ad1d3b284f3cb8f980c2dec858a07bfbfb5ad64ef3a750cabea729eaa068affb5909c31e893a6d8cab070b638ac44adb27f7d7a6a00d7444dac

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads