Analysis

  • max time kernel
    2526253s
  • max time network
    129s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    20-12-2023 08:00

General

  • Target

    91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3.apk

  • Size

    3.3MB

  • MD5

    871d021d89e2c1f08d2ee8da43aef4f7

  • SHA1

    7941b06247ec6e4faefcf5dbb371c5dc61b5666e

  • SHA256

    91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3

  • SHA512

    29a8d38d0ecaddcf5cbabd562d7a63edf126453c3f686ac0cb1f881b48ee84e7500dc20e51c3c148d71cc703e4958d24120dcdd05d7f98b3de1d98521769cd3d

  • SSDEEP

    98304:QEVF6aL7fDW3v0AMYfccAe2pwFT0rIU3B8jtC8ikX:Q46x3vKcAXGTnUqjskX

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoCs)
  • Reads information about phone network operator.

Processes

  • ir.shz.shzkisi
    PID:4272
    • Acquires the wake lock
    • ping -c 2 -W 10 -v google.com
      PID:4318

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /data/data/ir.shz.shzkisi/cache/~test.test

      Filesize

      4B

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db

      Filesize

      16KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal

      Filesize

      512B

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm

      Filesize

      28KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

      Filesize

      36KB

    • /data/data/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal

      Filesize

      4KB

    • /data/data/ir.shz.shzkisi/files/PersistedInstallation1897332867107058135tmp

      Filesize

      90B

    • /data/data/ir.shz.shzkisi/files/PersistedInstallation2673337136038570279tmp

      Filesize

      570B
