902ac0644afd8dc75930fa19f8487339a6b474d8636940385bf019638bee0183

Analysis

max time kernel
2511421s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 07:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

902ac0644afd8dc75930fa19f8487339a6b474d8636940385bf019638bee0183.apk
Size

13.4MB
MD5

73abc4cdc68f16b98cd7cd5164672082
SHA1

b5d105cbcd31c7be7fb33e0ea754a6a8f758b322
SHA256

902ac0644afd8dc75930fa19f8487339a6b474d8636940385bf019638bee0183
SHA512

37ee76271ca2aed7a101468af3321f1ec7ea94505f7fc46f5656c32c345e755be0dfa70afddf3b964425a6513ed33db3905f7e4daf1e402d3e816d64babc2948
SSDEEP

393216:imaBC9u9O4X9uGtUNCK54bOZkLx0hb2r2fZRpoWc:mBVc4X9uGtUXzset2r2ffpvc

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.fp.backup
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.fp.backup:remote

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.fp.backup

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.fp.backup

com.fp.backup
1⤵
- Requests cell location
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4506

com.fp.backup:remote
1⤵
- Requests cell location
PID:4544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fp.backup/app_data/5009

Filesize
23KB

MD5
5529d8e2e8e5a90bd02a6d78e0136fdc

SHA1
903b0beb0c9734db3c9636d9447c7917b2612c35

SHA256
23e6ecbd057fd703bd9520df0588b50f42079300a742dae57040254c7cd64702

SHA512
bd97a657d1dd7b5102f5d48f16882308e188e65458e77f83459d99a3073d12777b36d4290d857bd3ef7527c808adf9c2fdc432676ffc820867a38c5be04dbf32

Download Submit
/data/data/com.fp.backup/app_data/app_start_up_method

Filesize
12B

MD5
67dc355047b31db64c78f3b97543e913

SHA1
be92cc5667ab12f4f812d0f82c8377a194efdb99

SHA256
1bde54030b6e2219c53932d5780fa5b4f69df62c0ec184513144d29c0493e297

SHA512
36a25f1f1198e8bbc180e9e1331870433d7b98dfa5dea5e7911417d39fa7b65d0ac8e1013728cc12ae0721ee255d95e0a6f895b20efc5c981154a6975f64e87d

Download Submit
/data/data/com.fp.backup/app_data/busybox

Filesize
1.8MB

MD5
2e43cc2e8f44b83f9029a6561ce5d8b9

SHA1
f0d866ebd1bda1b4c4e99ee268ce400a2b4443fd

SHA256
c2bbccf5831d623c1fe19f3e7e2283df3496a79a561fb70dead7f3bc8b9e679e

SHA512
8772fc435c363422711e0652bf9faf4d6485e461269f0a4e3e66e05019e81c11cf99307ab6fd62a39c7e55123f18bb74703b51c5f8fd5233a5f58051ecbe292e

Download Submit
/data/data/com.fp.backup/app_data/cs.log

Filesize
16KB

MD5
b16bbf4e69b4c15617a18eeb486cb8b8

SHA1
f3648dc8f5478126cbc355b7bbfd30190b0833eb

SHA256
cb14761f3b372ae3cc775425d96fa14fc2a54562002392696105a5fa6e4ae490

SHA512
1438746aa097cc62abf5c0adda73bb1ca65b828c71e14e8b7b5d4f639e559258f635473b646c3fc40b5572855a5a8c82f6d3018f9d1083b57d7d174ece080711

Download Submit
/data/data/com.fp.backup/app_data/cs.log

Filesize
2KB

MD5
4824dc3d4cc8f5f46aa5da746b2620c8

SHA1
137d8bb0a38e90b5b7650377b19b451ca366a256

SHA256
b522ae64d4357c4a87799a2337148fb99090780236898cde7ef5b63c12cbd5b7

SHA512
93c6197dd7553cb5dd9fc8ab70f6a51a4cf38bd1e830238b47e8039c761d4869714614f4ebd9bd9aec1fbf76adadfa4ed91c2eda0a5e06996042571bedec0016

Download Submit
/data/data/com.fp.backup/app_data/device_id

Filesize
22B

MD5
063a3db0c52ae378ae7173d1ab6bad71

SHA1
7c1425580aeb1dff4dcd35ae3145a2fd781ef6dd

SHA256
101dff13b2d09b3dcc76bab8208d1c4de8972c7b2415501025af3b69ad822a13

SHA512
6eab88571f8c7ed1dd76b3ff494a1369f8fb497788dec49b816518dec34f77d64484b4b00bdf447d358af3fed5155a01cea2d8ffd6f859a9c8503063de5e8ef7

Download Submit
/data/data/com.fp.backup/app_data/ffmpeg

Filesize
17.6MB

MD5
efab65c8885bd5594996d41fd5d13b1b

SHA1
871888959ba2f063e18f56272d0d98ae01938ceb

SHA256
1f268a790407d56ddc65afc0b10658a646156bf535519345510ff8347ad7ea5e

SHA512
ed7046029b9f945cc55d4c9149eb12000d27a31d11d6b80ac24ba33d6da6e40de854dd7cb5a3bf4743b3d9a73653917ab5d0220697ff16e89ca0483be8428e78

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.fp.backup/app_data/phoenix_db.db-journal

Filesize
512B

MD5
8f10f249add6efc263dc98c6faf5e12c

SHA1
621c9aadbb4b21061290d5c04e62a55450ec9f15

SHA256
90a0a32876cf0f9c7031e0c652538a31cefeb512ecfa5f7b8f261373bfdcebba

SHA512
ea79d35ec738f0181f96bf11cef3d9faa85a82345ca479aa851a24e2aa6266bb4f000a3e6b02ec6b8c4328ba21225a0ea5c177e45eeec81e795a7ab86a01d730

Download Submit
/data/data/com.fp.backup/app_data/push_connection_history.dat

Filesize
748B

MD5
a42566308a60004c8583467da5e3fc52

SHA1
8551bcb39dbbefc2441a04b6ab079d19be5f082d

SHA256
931efd2375c6ffb6ab191972a6f8f4f57367ae89524282e346d6b0ea69ad7daa

SHA512
615a13084b457516ca0e1015fbf86c14da37eeedfe11547ddfb3c1c7ea6765a78bc5ac431e5b8ac21c3dd6e40830e82b087c6f496d90ff605effd58d5ddac98e

Download Submit
/data/data/com.fp.backup/app_data/system_url.dat

Filesize
397B

MD5
7be0709473f4901651517048e3e8ea2c

SHA1
dcc4eebcec1d7c58c3006a3918df8fa80ae752f7

SHA256
b42d22ee303a05de64fc30063740653ec76bf290b109c5e085d6b2a7d8feb465

SHA512
0dddcf316375d176de70aecb006f50fed335556e6d174aa0dbb88440632ff4bd2091af16f4809cb8bea592166d56437cb57c161c21c0383724d41bba025cac7d

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2d55b3e59f7279866804a43093199d74

SHA1
04e104d6da9b2abeab11e27654f58942732e4542

SHA256
8f7cdb243d6a13aa8c3fd30e32dfbd30a2550f2d3c483f7641de975c460dbd51

SHA512
a49acb4770aeba71bbda971221e27e7beb67c6f96e448fd7ef84815d3c55e1bc8b02259aa72309f85e8e8f76ebf744ca439dbc841386142444462967a6f9ac64

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2ef5568dc9388af00b6617483327da7f

SHA1
f8c205f74881c1daef5478aa106f066547ec442a

SHA256
b90add8a8f90b655f6601cdb30f9db403a72473e6753e1e177d7a30ae297c7fa

SHA512
d304258e23beac50a7b4835fa304883071247cdaf282f7c870a1459802d8183a1d732fbdd2f2ce1a6cf03bdd41353f52c53637995034b38bdb67d37bb9ae29a7

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d2e67def4df5a22613f40deee0df37cc

SHA1
ae20c48873f842e92f90b198b67a76bdf210e5a4

SHA256
d6c67275473dce1bb9fae882bdcdb3915fd3f60acffc23b25805059d9362dadc

SHA512
7cb5cbfa594d457c32f7a7697e66c4c57284e8beda744f1f5313c586da278dcb421ff3fded054c992f557841a950c7851024b66b75f44585691f5200a8c8de87

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
23e9e2d9972c0a7ef9fc6d7afd8df8a7

SHA1
d6551b08c44a3a563e5925ea592af0604b52e628

SHA256
a2e91161a3e62928e8be2044f939dd290d9151dbeed3033b3ec774ed867a0abd

SHA512
de795494ed2ad99622b819deaddd414c7d3f54efbdaf24543f2e55e2011dcc0608989f1b1ca6717f3cf8b03859f14ddbbe96169503a1349e83704e801998e948

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
74d8928cda168112bbba8108302cbbaf

SHA1
9b1ee7e1c0b6ebb94073951a91651fa644ca21e5

SHA256
f2dad0882ade5c161e59172033be8165ada453fef1d174fb949e37eba8ae00d5

SHA512
82f291b9c4bfffa88466e23c2a72d88bbc4a943b68b02b3012394c218be7ea54d7b6f6d9e87806390ee8ca2b2743a9d602272278675a87ed708af8512279b946

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
35b87840412b40fe5ad023a9f083e00a

SHA1
2d7d5a91602670d5f1cd9d26e2bfdc3c99e0434e

SHA256
d9c88924d45e5724058db5fef4c1180a1510674ce869dbe268bf47d2ff8463c3

SHA512
d1ecb6dd9b19430d6f506c1eb9636a548544a078b6d8ecb64606a8ac8aab173066d4105812edc04fcc065a846d41fc791665450d13ea747f27242b880e94970d

Download Submit
/data/data/com.fp.backup/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
beab5c5030dd5b80adcf0ba6ce3561da

SHA1
c8d22975d9b459d346be6310868e2551ab9ed554

SHA256
5f9f0d1f8ad93ce2ef778c024555bfb6a290c0bd8265987616f4c3c82ddbb672

SHA512
cb982ec1432b169cc6734f9085ba2814ea81bfdb55d93eb2d1c8f23df655aaf1ef1be90ef18a1a7170d282e84abcf80e023fc6d1e99609401201e7a2d8349e7e

Download Submit
/data/data/com.fp.backup/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
abf167fad2b83440a1d30719edc19083

SHA1
36250c0f013ca29ab2e4effbac01f45ee74ad055

SHA256
1ee5338a6d201c0b37b64fdea07e4832d5e90f09968daf12cd2f3133d186cd7f

SHA512
71864479eba072fd5808ffaac27efb96b5a5497a7b13a83894754cb7ff481ae44536822aee95e1455134dbce821507daec0856f7b3b7b359ea9cb73a83e3cda9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads