a0f220f64b4574f6e3ba6c88ed756088ccdbef14ca71684e1e80947c50eccee2

Analysis

max time kernel
2268018s
max time network
143s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20/12/2023, 10:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

46.0MB
MD5

1f43223e8048bad733c884ec2eafba61
SHA1

785236de5cc286f2721a87a0909d6b1332355b6c
SHA256

a0f220f64b4574f6e3ba6c88ed756088ccdbef14ca71684e1e80947c50eccee2
SHA512

87da789fb22d962d88c5cf57272f7366277fc20a8b42558d8ba4daf1dd0261dd2c9546844cba7c127970febdb469d110accc011f7a3685217d40883dd34ba19b
SSDEEP

786432:TQDQ0Dd6Ol0l9D3BRWZAkLhgAlFnTDQtH+Fgf7rczWptsM7z+RSQyPcyYn+6BMLS:ROl0l9VaTLauFH41NfsM3exPn//X

Score

7^/10

evasion

Malware Config

Signatures

Checks Android system properties for emulator presence. 5 IoCs

description	ioc	Process
Accessed system property	key: ro.product.name	com.shopee.fms
Accessed system property	key: ro.product.device	com.shopee.fms
Accessed system property	key: ro.serialno	com.shopee.fms
Accessed system property	key: ro.product.model	com.shopee.fms
Accessed system property	key: ro.hardware	com.shopee.fms

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.shopee.fms

Reads information about phone network operator.
Checks the presence of a debugger
evasion

com.shopee.fms
1⤵
- Checks Android system properties for emulator presence.
- Acquires the wake lock
PID:4267

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shopee.fms/databases/_db_monitor_cache_.db-journal

Filesize
512B

MD5
b76e8e87fa02691e0bb04bb106fb52e4

SHA1
ff8cbc93747a506daf75c94b5306a411fa6d9fe4

SHA256
5b9392cd8f101b2fb36d9825e9c6249499b2d1ac3ec47b5fe773780c9c8c1d8f

SHA512
54384d50fdb68d99f0551a6379ea2c50f1c34314af8f431cdd03a7015bc10ee852102e62572ab6e662e9d08e39465d973bfb95d5de72ea763d2787f35c4fd415

Download Submit
/data/data/com.shopee.fms/databases/_db_monitor_cache_.db-wal

Filesize
32KB

MD5
281044160a4a2ffc56a11bd700c9c8f1

SHA1
c1cb439c09d44c07553f48a734c736bee0177e67

SHA256
e3810e5611934560646f464c1f9d8f3984eb7ce954403f33273e088dad85fcbb

SHA512
b357a63820ef5ba65a35fd1bcf450b7e916dd42ee791ec911dc7c55cd5543de92fc8b137b1685690a915147d8ac15ba4da752b1bf476b60672d400794fa973cf

Download Submit
/data/data/com.shopee.fms/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.shopee.fms/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
44f1fe1e8564813b594bad936cddc67d

SHA1
5b274d5b7f0f64577e793295c7f627255d4f67c1

SHA256
3e74a3a963d30411305a2d6172d1bfbad3c9a459096433f155894a86311898cb

SHA512
9cd8607b0e91e53ca052bf35d9bd094cb1edc2e1b0bd14e9da70600f13b08f18016c6d8043cdb45a74cc3a22b5fbcd823a9ec097884c2033ed83e5e35f8f579c

Download Submit
/data/data/com.shopee.fms/databases/com.google.android.datatransport.events-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.shopee.fms/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
ef380f4cfe8292a5e4b1da670203e6c0

SHA1
d3cda82a609c49f75fb7eb8724a9b753dd7bea35

SHA256
62076a975ccc6a0a89d4dc0ef094171656ce493840101a46d703d1d2c446029c

SHA512
b7649cd5ee8f08662dac47929ba537d5db276a2a0bf9ee6c7d896c798a2fa59bd23b82c8d3879e76ea864a1986eb15a10e16792d5b26a2ee29ccc5065d505373

Download Submit
/data/data/com.shopee.fms/databases/event.db-journal

Filesize
512B

MD5
85f975dba4d78c99659a5254105233f3

SHA1
f55231490078f74aa14e707d6ae9a3f5bb2f0447

SHA256
1df9330cb86a0cb57297f7cdd144b662c9f64d85a6499e6c2dfadab09bf55868

SHA512
9f18fe07d2cc1ba249a861e781e89304bcb6bc834099fb21cd1b8a5a84bcb7595efecd43b61c6b288e1c96a365e6391d20242c067104fd89a88f8a86c91e8855

Download Submit
/data/data/com.shopee.fms/databases/event.db-wal

Filesize
28KB

MD5
ae29b2afb0c89ec43e7422ee938bacb4

SHA1
cc0631cc1f5c21a4a646786d9230e4a90ac05956

SHA256
150e65d1057c708c8e8fca998f92191f77464cf1ca08d9578997f87e0b5ea7c4

SHA512
5ea39d2858cf75e48db2889df4f31bb346c52f245c5d09529c630db39aeb3b0a0ff31fb8601e7eee69a5fb04cbe6dcd683be2ea86c578964a3e9a6406575b7f0

Download Submit
/data/data/com.shopee.fms/databases/okgo.db-journal

Filesize
512B

MD5
cecb99ad1e5ec0c10e2cf1f6b89658d4

SHA1
26aa71d18ac2e5178c51b8c97f72854ce25eb297

SHA256
ccba7ba471511fb23daef6beb581aa99c68dc12447c2eef94df337f0771ce7b4

SHA512
e0556cdf2fc0dd2086b6aaaaf24c7a261df55d3f7c1f3f5738f489433ddeb6ae0bed2f6f9d5b2bcfdf357e58b04937fb52f79267d8e1d212ed317fcc07c441c6

Download Submit
/data/data/com.shopee.fms/databases/okgo.db-wal

Filesize
12KB

MD5
0deb1021b2643aa937235037e59248ac

SHA1
20fb33674c7d5d0f457382c2ef019cdde80f5d40

SHA256
b557551818b04a34ed2e54d63d1cfb805b286cb1dbc6e31837f4dfb6f2b505d5

SHA512
44b4ce51822c7fd1646b3dcb2e0599b021ac8270e274b11afdc6f697749798c401f5c8523becba5107303dd47656809f488487f0a2fa57ce69e941f0daf068e3

Download Submit
/data/data/com.shopee.fms/files/.com.google.firebase.crashlytics.files.v2:com.shopee.fms/com.crashlytics.settings.json

Filesize
709B

MD5
180c78cc32e9c7db3bcf401fe6faa56f

SHA1
c8ffdd089f65a4a2b95db53719cde2b982fbc31e

SHA256
aa2a555b9257165cd7e4384f9779decc48be71813203c91de6ef712f371dc697

SHA512
2efd755637d3e63f8b1c1ffdb0b54654dde76548d5b4e3fb62ff7ca98bfd47f330de97210981d6cfc23a6ea60aeef646bf6517e30b71da9381550ded6f956e06

Download Submit
/data/data/com.shopee.fms/files/.com.google.firebase.crashlytics.files.v2:com.shopee.fms/open-sessions/6582DCF601FD000110AB316CA3CEA871/native/device.json

Filesize
193B

MD5
0cfcc741a363860d646e0ceb2ee9ad94

SHA1
7d69dcd14d2cda57f6aadda608b621e703de6ef3

SHA256
0d5ffb155e109fb0f2eae734e8fe33752e55dfccd980220fdf5ad06b193a5df6

SHA512
57872f9009e35b85dacce1d838bf64d95263db10fd01623116dfd32a4c44c38950fd2876dfda1932e72531949f63321d33aa1977a08842f82bed56949721b3c2

Download Submit
/data/data/com.shopee.fms/files/.com.google.firebase.crashlytics.files.v2:com.shopee.fms/open-sessions/6582DCF601FD000110AB316CA3CEA871/native/os.json

Filesize
54B

MD5
3c70777b2debc5fb491e755d481f20d2

SHA1
d369ae66c9d5979713ee82120f8a34768680f0bd

SHA256
3c2ce3c463df9cd0cd478a9721c5095b57a1b65d7cb5d5774487e735ebc7e858

SHA512
7018199255c589fce33cced74f11e41e6ba39d4a7992380bdeab24f7772ed3064d6f866e387ce147cea9ac1b79ff86f29992d0d56e50992434daf2051cf454d6

Download Submit
/data/data/com.shopee.fms/files/.com.google.firebase.crashlytics.files.v2:com.shopee.fms/open-sessions/6582DCF601FD000110AB316CA3CEA871/report

Filesize
739B

MD5
8f1d180c5965a2356e8459ce92225cf6

SHA1
16025d90f9e378ecb38a02b3f0b0091628f2f109

SHA256
d0c1075fac0dc8d56a2a9418081a96e581ce15f31cb04e7d861b1945af7fd973

SHA512
bbabb38f3b492e6cb0672033f9ba1e62d13331bfa610d995ef11b9ecc22b7064ecc69280dce1a6ab709a2d7f20f6e07106749116699011a9c79cb29324b5f4b2

Download Submit
/data/data/com.shopee.fms/files/PersistedInstallation5451186785438386835tmp

Filesize
567B

MD5
ecc44e1ac32fc34f993c4be52f35318b

SHA1
6e325f5f292c1a77b61498fe96143f01e90ad9b8

SHA256
2f4a112d4b80fb90416e59606669a1259a4d6e92da245ce036f1bd05c8f22737

SHA512
58d714fd851b284b1bcc754782b83ed2ed8ccac16b09eeac50d131955375f0c63b96bb47ef306ae2bbebc3486be7b7cf2aa690d7c13e3ea455d7f4cf5edf4041

Download Submit
/data/data/com.shopee.fms/files/PersistedInstallation891510596233199936tmp

Filesize
90B

MD5
048017e36048fd2aafdffdac29ec7b3d

SHA1
6badd988cd599fb88e9c553e1723b50a3380cd77

SHA256
8699d7d1aaf40d486395ff33f830718e21897761457831682a903d08105f5588

SHA512
ea0656da6874da13473a455852bd9b671a8ab81eb70a5a714c026d6358f6016cd337f143b0ba0597011f340e7179dca272f3e8bd64c62de50081e6507ddf7068

Download Submit
/data/data/com.shopee.fms/files/frc_1:923805779317:android:a43d2de513a3decddbbf3c_firebase_defaults.json

Filesize
152B

MD5
144e6d8f316a7289dcb086060da475e3

SHA1
2117984078958934f9e0f1bf9444e0d42dbf6275

SHA256
93f2c7178c82c4e71e6947fd926a064eb7434e87be87eeebd536af99da834c2a

SHA512
d56a087b8035d428bae7f552ba75981a7eaeb097a2a62fe623dd914b475bf99610ef9684b4fcab7af04092337a2ada8834e9a5238fbe38b3388ccf5659ed5520

Download Submit
/data/data/com.shopee.fms/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
bc366b3c0627750db5bd52a10a4abf66

SHA1
94895a7c098917f5716e843da1535e6f3a6e8c78

SHA256
121825923e7556bceb5e5710209681214a7710cc2a9d5624fb0456d9fd8a7484

SHA512
f42e8a2ef8a095585ce479e39314fd8a5a8af4814d6860a594029d3d04df399bd5bf5c9669e4f8ac8bd846d9fd9b869074552624d98ef638a2261d6516c12fc6

Download Submit
/data/data/com.shopee.fms/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
873071f223437bd70caa6e0468cb1df2

SHA1
c86d14f221ea63dbedd055619250b84687929275

SHA256
91f8d78503aaa29ebfac49d39151263109fdb63c21d04b611dbce01ee1fb3508

SHA512
9534787be62e215a921e0e6ad7e8fa58b7b8230b15e1cdf3e10b384f50175c4aa8b5b2ffd6063ebebf6dd7b4200ae4b34a832fed3252b4d811f55087bee4c8c3

Download Submit
/data/data/com.shopee.fms/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
ac5a7dc363df3a88a7581ff23e3c4443

SHA1
cd42231c2050c248169952c7e2ef925badda4a0b

SHA256
9803b760e0373550005247193a381345e2012507bd658a1beffc64e5c01db545

SHA512
8ee709c771dadb9b99322e78131f47003fc3e58ff2c85dc533458ea0da627f54e6eaf21c59bd1e465209dcb50c1a56cb32b82610e3426f2828a7919a4f87caa8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads