a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943

Analysis

max time kernel
2505372s
max time network
141s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
20-12-2023 10:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943.apk
Size

6.9MB
MD5

21f326eef6fda2c5d544c2b5e6d21f34
SHA1

c6d5a6a665ebaa80d1174ca3850f7af509bd027b
SHA256

a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943
SHA512

c298b6a8979eb8385f8e79f8349851fd0cec1570348537dfe46d98366781043df9a80b9e82ad9f0ddfa89d6b18e767534ab09cd3a6c48c5190a64a39c8ed4da8
SSDEEP

196608:IEIxhWPUkMgyy39KP6NKP2DlBhTtfEEgpBSQi63kV:ECtMC9wAKP2BBhTtcE8BiIkV

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

ir.hawijapp.myhafez

ioc pid process

/data/user/0/ir.hawijapp.myhafez/cache/1582435991586.jar 4623 ir.hawijapp.myhafez
Acquires the wake lock 1 IoCs

Processes:

ir.hawijapp.myhafez

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock ir.hawijapp.myhafez
Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
evasion

Processes:

ir.hawijapp.myhafez

description ioc process

Framework API call android.hardware.SensorManager.registerListener ir.hawijapp.myhafez
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

ir.hawijapp.myhafez

description ioc process

Framework API call javax.crypto.Cipher.doFinal ir.hawijapp.myhafez

ioc	pid	process
/data/user/0/ir.hawijapp.myhafez/cache/1582435991586.jar	4623	ir.hawijapp.myhafez

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.hawijapp.myhafez

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	ir.hawijapp.myhafez

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	ir.hawijapp.myhafez

ir.hawijapp.myhafez
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4623

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ir.hawijapp.myhafez/databases/zar.ttf

Filesize
27KB

MD5
85d3d05689d02be06399d1a16754889d

SHA1
3d234c4ad6590d8e57c80fee4fd16749477a3872

SHA256
08b8149b1e1117870e9d3cc5bedb5c168516f64ce21be7371bd7d306a33859af

SHA512
eb72b724d034ec36ade08ad43ada9f388a85ded3a88362eef865ce83e9f74dcbc5b9fefc3d84af29a0316d51a5da3171d6e5b80c57c6f4807172c0dcdd5497fb

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/03e5ce3409d2a61f2aff2e5484e48f42c6996876661364fb6560684772c1af02.0.tmp

Filesize
1KB

MD5
fdf1051fd28b86eff77ff23359cf62e2

SHA1
3d09c0ba333bb77795615050c9861e802266d445

SHA256
8cacce12c7fc2ade6626b9a7368b00b7fdb3bb28e817fd61041d9b6744888265

SHA512
a23d6d0b3ca6e1a03bedc252c307e24aa0f7750b88580c16b5fc8706bca9f8fdc3401dd6f6995ba23dbd9310c2d37c88713b57f234e818e36d798e23444ee781

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/43787700b44f001b988f63c215f74de75d683343f4f6c892addb7be5653e26e7.0.tmp

Filesize
1KB

MD5
2dd3c5eca2a17c75c6daf8421eef4339

SHA1
5809cbd0f40a4a228f8a3d7e477e094f8975de40

SHA256
0e7ef8271c97ded85c66c4bbc6925bcbae830d90bc23fe6bcc5ec98c0740b245

SHA512
d90f68995c235a66fc5b6ffb0ac5f7b08e4f7e41e590bf42db9c30f5fa9e11a0f1f3b577f94b2edf611df7b195bce346cb8ae5ee4a08edc697f3e070dd3ca095

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/83011a8d93a91d02ea79079503e1aac2f9ee9769ab1264646883955324ac6553.0.tmp

Filesize
1KB

MD5
3e09d227e47f849c78be88e636806ee2

SHA1
0298bcf8f0b6f4a7b27b4d290d9d79a5f5fd7a73

SHA256
0bee1ac971139090978c8d19a7fedd2a2415487f239abeda561adad0885deb2d

SHA512
002860b2b903ccf832cc05cfc9432c2e275f3eef0e3cf5b7cea6d67f48332e1764a820d55fa31f9903f01be4531536e38327ebc795354785ea362aa7a34dcc29

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/9b3b4801c43ec60bb2d3d33124615c067f2f64db313fd288ef7a8680db440168.0.tmp

Filesize
1KB

MD5
6b6c8ee62475c8996db88d1b89cd7a43

SHA1
2d8ab42e28f861e29df33bed33149d1d171ce547

SHA256
72d98f3c7bf5146609735a2d5d9e9a3e2fdd12b274acba063344645f708c4d07

SHA512
4fd2abd083527ec5f494f62764ce67bea77c5e72226f28f57fed34ed399299ca0532f0926b463735e6de2df906732ccb34776fde3214a62e4bc12a68bb810a9a

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/b62edcc3db13668c34fbd6ed3c5a89bd2085f3e5c4a38afba6a796c87652d983.0.tmp

Filesize
34KB

MD5
807b5e325a8f864475f00d814c793b75

SHA1
d068348737b2ab82d7ec3223a08230d1d3560bcd

SHA256
8ef5250567156af330a007475132e2c1aebad71ed815a80e69c09ecfb7bef862

SHA512
650b9bc9546851560f01c4526a5c0ba3954f9fd82cf86157c875f2602ee62bee9d41a13a9d96d930baceaaaf4ac4d810aa8a1b9bc231814516ff6677edbba5f3

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/d0b9529b6161f48627823e1a6d6de31e4155769d3fb637f1ed0bc3f95466c615.0.tmp

Filesize
1KB

MD5
47eca5244c543d47e94df34ff75ece43

SHA1
e4ac72763264c90e8a93a4b7043984a2cffeea48

SHA256
1bacf9e86a541a6d8d934e35446ef6772d0f7e6ebbb95fb7d2ced2b6f0a9d0ea

SHA512
a9fe2fbf0f526a83267fd6363092ce3d5fd52c55cb0da1afe527f53ef467df279c4f960127e5be6b9e199d825c51e3c5e8d8de22e9f6496d065145c29ceb604f

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/fdd3672b60544add9400b97b69669e66f6022352f59e634c203289a523694ae4.0.tmp

Filesize
1KB

MD5
f8de5ef32bcadfd4a77c3e6fb8a3e538

SHA1
8a5176595d5821c7451db66958fce036ce64e745

SHA256
d451480e513c3a46f3b4c7000b5ba193dbf46b3cc8d25273d2748c755f2ce15d

SHA512
5d6165652185d5a150cf09051f93b6ad6273c8bec37aacf3ae19ce522b64aac0bc15dac782f10c086ce3176300c3c120f124e32bde3cd2d4dcb112b08468745a

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/journal

Filesize
619B

MD5
681e723ed1fd3f1f763d38ea40a90d85

SHA1
5c7b080af10b833a7a08d2911e976f4ce951fd66

SHA256
68239b07e6b419894282b43642c1ac7a4300db4fe4a01be9165f3aa836a8f1c5

SHA512
5fbf06d4bad5788f3b16289224cdcd0b89be7f0e71a8641f3a04687800df8d35f94824422dcf5bf0915e2d619b845f23f6ac66fb9feea81c9f642bfc6527617b

Download Submit
/data/user/0/ir.hawijapp.myhafez/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book

Filesize
16KB

MD5
16b599fa32241d8d5b5248012c723db3

SHA1
e78c4df335ca338b47c6dd9600e669d65c56348e

SHA256
d5b95891e19e1bf2a5819a01991c565512afe6fc32439133e3cceb784b2b8481

SHA512
d1a05937721cde56aaed9272fab48f75f79563f773215cf0f3fb802532a21e95347c3198211b763fdf3a9a11284100649c1ef13de71281a0fd8b8f9b9841f8db

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book

Filesize
4.8MB

MD5
500f992754b1efb96570fa8c259102f2

SHA1
86f6382e005d1e6879766eb4b8b3c9b4348f7142

SHA256
07766e79a19fba457f68a840ca21933fc86ec530e6b4963cd0a384ca2a0c0eaf

SHA512
240a78a5611cfc9fc0ce57e3eda329747abe84f1a1e737456052beb5258b77f08b2a649a3ca75266faa9b4a50b8ad9512dfb6d2c3f31be9b83d050c2427d934f

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
512B

MD5
da942d8b3fa62a84b9798d78c943ddef

SHA1
f3aa1547d8491acf33c2733f71331c5fd6ad2a8b

SHA256
95acdd43cb172774d343617c857e1960eaa730fa84d3dbf0d304b75cd8ccd003

SHA512
4f44f8cf8d42b4d38785a3ec0ab6add4d68fa6852884bf82fd3046343c454bf4058168e3bdfa0927043c22067673e5edfb4f0defbf552d0a637391f0bfa21a85

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
32KB

MD5
0752732fb5d8dee37c277173f9dbd2ce

SHA1
54ff66c64bb450c329a68c62543d64de4aceb5bd

SHA256
adf29d2d96fdaeef2c34c058f5ded8f55aa326793a65e33fcfb7a860ad38b69b

SHA512
4506270fe7ecc04db564752b7074e0dd9f952ac6ddd9bd248bf23413c939b60d5b133d46a4abb1b2e4ab0765717acbf044840748b214e4852f639681e8eb7868

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
8KB

MD5
7771d960cb881e24384f91c8db0b190e

SHA1
9ecf1b9ccf496978ff3ce65b9ae651b50326f8ef

SHA256
2611d0aeae79013e4158fd89dbcab17de067c71e9719b13a4cee4b0a721ce8e3

SHA512
375c7882597f8a214a741f280957c8f3e843f8f0f12b2d7160571e8819db5b3c03accae7c8a451a2d2e027ff583188557afb695324d673cbb573de48eba8b610

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
64KB

MD5
c67f7643b9580703d7a8b49ef0f8a7cf

SHA1
2948a5873ea7ba524d0f3778f9160a6aefcbf8dc

SHA256
6e578e442ff101bf498ec7d3556b0010ed23e249ac6d9feccff5b2b008d44aed

SHA512
bf964fe343c180517dadaab46bdf56f9640ea9a4a536abacc86058c685cbc3291229397ed39d4c97ac55a799e710e575d12aba4cb6fd24d8356e3e10db4b049d

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
32KB

MD5
84567510b3c5d68f8dfb5b46fde2d86e

SHA1
07884c78ab0671825f88fb24ee04ca1345ac7c32

SHA256
5138eb83dda5c1721856cc0251f175ef3791a0f07f8ad11890c920a8350a66ad

SHA512
9beec512f7158dd6347d5b94f511020d8e634700548fe4f728b8b3e8fc4a64cc37fabb5fe6c1450c826fecae21887f7ec83da05fce5a39c991e8688a40ad98fc

Download Submit
/data/user/0/ir.hawijapp.myhafez/databases/md_book-journal

Filesize
8KB

MD5
a6eeef2d3d9f817caadb1c133a2f475a

SHA1
a9900007a50d6b2ede462fc832e5ccdcd783ba4b

SHA256
bdd9ce8091316bb7a084d0de59e77d7d087c4a58537bd66dd5b219418eb34f9f

SHA512
bcc840071ed7ba5de7c898c51e857f53df7bb5ac1217dc0bcb258102d4c7ac0a2bd8b494e10e77a63c59bdd605190acb9e088768672ca36b14c1b7ddb18feb86

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads