Analysis

  • max time kernel
    2379023s
  • max time network
    147s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    20-12-2023 06:49

General

  • Target

    8cfec8fa2f09d0d7d3b8f9a07d45e2b709c1cd5785964f7c745b81fb8a472c8e.apk

  • Size

    3.3MB

  • MD5

    33b2e37b4ee06fa3b1e3fb0879c6f596

  • SHA1

    50254ed9e4e13a3fca6470c83dcd9b06171af8dd

  • SHA256

    8cfec8fa2f09d0d7d3b8f9a07d45e2b709c1cd5785964f7c745b81fb8a472c8e

  • SHA512

    d98196dac60a90680d75ee64bd2467c29284864e4f99aa9c2e5946955b7379be3ded0a49ca80062c47e8222b0305c36ce0a0290435e17cdd31371da3286f0511

  • SSDEEP

    98304:kEVF6aL7fDW3v0AMYfccAhR+QRodxH8l37GiK:k46x3vKcAhR+QRodxH4vK

Score
6/10

Signatures

  • Acquires the wake lock (1 IoC)
  • Reads information about phone network operator.

Processes

  • ir.shz.shzkisi
    • Acquires the wake lock
    PID:4983

Downloads

  • /data/data/ir.shz.shzkisi/cache/~test.test

    Filesize

    4B

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation2959564125483545617tmp

    Filesize

    90B

  • /data/data/ir.shz.shzkisi/files/PersistedInstallation4799512691493899722tmp

    Filesize

    569B
