Analysis

  • max time kernel
    2369197s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20231215-en locale:en-us os:android-10-x64 system
  • submitted
    20-12-2023 05:44

General

  • Target

    88ed55e408a69ac963bc80173be23e143c605657bf57c4227a35771a6c24767e.apk

  • Size

    1.7MB

  • MD5

    b3ee44a7f894adef3db53028bb7fe443

  • SHA1

    9d40350f1194efeada8ed52768d55b13baa2681e

  • SHA256

    88ed55e408a69ac963bc80173be23e143c605657bf57c4227a35771a6c24767e

  • SHA512

    fe0190bcb07ae3282c3f058da8fd94f25a4956c8ce6bd3c5f0cb199996eccf7155dd862c352f252afba8f3c7e47acc0c031d9b56cb2e0bbcd800b2689e09684c

  • SSDEEP

    49152:Q/tUzTzXVgw9SwfAhRYzwALQgoVlFfjrzM:TzNTSwfOqW3brg

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoC)
  • Reads information about phone network operator.

Processes

  • edward.org
    • Acquires the wake lock
    PID:4974

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/edward.org/cache/~test.test

    Filesize

    4B

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/edward.org/databases/google_app_measurement_local.db

    Filesize

    12KB

  • /data/data/edward.org/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/edward.org/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/edward.org/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/edward.org/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/edward.org/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/edward.org/files/PersistedInstallation6984111879245495426tmp

    Filesize

    90B
