Analysis

  • max time kernel
    2526498s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    20-12-2023 08:00

General

  • Target

    924d6d57bcd7290f66a38a0821f3746e30d50024695e585e96827c6adbcc2b67.apk

  • Size

    1.3MB

  • MD5

    e992245b75c311b970fada61200fc78d

  • SHA1

    37a9383c824cc2c6a543136b04964b34586e22bc

  • SHA256

    924d6d57bcd7290f66a38a0821f3746e30d50024695e585e96827c6adbcc2b67

  • SHA512

    7cf29e54d126a436358ce5a1626a1f7e6a51bd92fad08122f6099fb01289e5c3b41cf38a08d66a20d0c7dde0b529a26f820e3f05a6cf7ccc58cc119b99d79a01

  • SSDEEP

    24576:1s2BhIzzQUGK9VayNYOdKwkAFnajuXw1y3/nyzeqaOe5qcJKj9l8SOC4e:q2LgQA9VayiEKwkWaEO9wOAK55XR

Score
6/10

Signatures

  • Acquires the wake lock. (1 IoC)
  • Reads information about phone network operator.

Processes

  • com.psiphon3
    • Acquires the wake lock
    PID:4247

Downloads

  • /data/data/com.psiphon3/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.psiphon3/databases/google_app_measurement_local.db

    Filesize

    4KB

  • /data/data/com.psiphon3/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.psiphon3/databases/google_app_measurement_local.db-wal

    Filesize

    4KB

  • /data/data/com.psiphon3/databases/google_app_measurement_local.db-wal

    Filesize

    20KB

  • /data/data/com.psiphon3/files/set.txt

    Filesize

    3B

  • /data/data/com.psiphon3/no_backup/com.google.InstanceId.properties

    Filesize

    2KB
