Overview

overview

8

Static

static

6

7c45bcc605...68.apk

 

7c45bcc605...68.apk

android-10-x64

8

7c45bcc605...68.apk

android-11-x64

8

Analysis

  • max time kernel
    2824705s
  • max time network
    148s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    22/12/2023, 08:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7c45bcc605e82a03c55b0fedaa3ea268.apk

  • Size

    263KB

  • MD5

    7c45bcc605e82a03c55b0fedaa3ea268

  • SHA1

    84d823e9f0b15d0d275da93203519c4952a14b50

  • SHA256

    517a81d126639b1cb3afd224e4490dc976aaaff3cdf923f8dec7afe242ab1434

  • SHA512

    21c962f8bd2e21a880b3a9d8141539353ce050b5cf52e46637a637b79dd21249b8f1f1a1c04ecb719a1f8c459c0740eab18653243971bf0121a0965e96e73e09

  • SSDEEP

    6144:OhPNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fNr:O/i6tQIwsBFa/IvcR9Ur

Score
8/10
stealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.okasa.ifdwti.mheryztaptkndjmh
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5105
  • com.okasa.ifdwti.mheryztaptkndjmh:RemoteProcess
    1⤵
      PID:5142
    • com.okasa.ifdwti.mheryztaptkndjmh:guard
      1⤵
        PID:5561

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/com.okasa.ifdwti.mheryztaptkndjmh/app_tfile/fields.jar
        Filesize

        138KB

        MD5

        cceb8db3b057d24673d49eda229e9892

        SHA1

        b18f6353b2156410249079a3b7b86ef3a530e8ee

        SHA256

        e900cb4c3fe9d8f45196a7457e9645c65b0f3cde820f4161950252cff67a4d97

        SHA512

        4a42cde3165a706e823caa1362001ed8aa647caf22325a4f2554c64fc4ebcd79afe44fe5eab5474221806f26e7aca9d2901026de6e597ef62fe867f123e4bd57

        Download Submit

      • /data/data/com.okasa.ifdwti.mheryztaptkndjmh/app_tfile/oat/fields.jar.cur.prof
        Filesize

        369B

        MD5

        6de41202d76cfb91657a014430e7f33d

        SHA1

        1c066a98ee1dae3493881522b42a6978ef72ffee

        SHA256

        51491488aa5999f64c4d74c50676559497e9890b2a3978cdc8f07dc782e945ec

        SHA512

        765ef4f4ca7a832af8677b8cb38b705a5cf809b6d321f7d86bcb03471d5e55d8c9b8dc04dbad9f89b10febd5e87b29d29e1bd36fa91259ba00ea863ad1225236

        Download Submit

      • /data/data/com.okasa.ifdwti.mheryztaptkndjmh/databases/tbcom.okasa.ifdwti.mheryztaptkndjmh
        Filesize

        4KB

        MD5

        f085b706dbf508740a27a59be028bc9b

        SHA1

        832a68bca54bb2c22e13389b2c3d782d42b71bb5

        SHA256

        0aaf976e6667e8f70c3162172774b481636f307e4731d436e30c4dcea6ab80db

        SHA512

        514c47d0f0e871868f8d7fd08598c100dfb487f2fc556dc5485d87ed70c5d5d177943b724111bd4b1efbef68d05dfc89063c711417c3df7620d04ae7d41c4f50

        Download Submit

      • /data/data/com.okasa.ifdwti.mheryztaptkndjmh/databases/tbcom.okasa.ifdwti.mheryztaptkndjmh-journal
        Filesize

        512B

        MD5

        59e3ec1bcc30e24d74e838495925b6f2

        SHA1

        5506866713d6b839281cd18d972fb09bfcb36f0c

        SHA256

        8a851778e6224118009ca0d9e5cd7716df5e597d6f68686503ec333909450e9a

        SHA512

        db0f51339e31bf3eede75ff13c5da48168ffbde6da94850b8abeb917e3132c524c25df60f0c936816e898219a3381354d27fcc6a689c6d38aa607455d49e994d

        Download Submit

      • /data/user/0/com.okasa.ifdwti.mheryztaptkndjmh/app_tfile/fields.jar
        Filesize

        281KB

        MD5

        73b11c4c10150bbd4f29ad012dc11dde

        SHA1

        65c83ad32c29f9811c32eda75d7fcdc92ef42dda

        SHA256

        52132037e9b950a9cb48d6374ee2c6747a6bfe776e13a726395771f1b40ee9da

        SHA512

        3e53b1ee22a00e60896da86d2695195e0965c93d190c4d1c0dba2eb5c611d670ee7693a9f8756858255e2b170cb82a753719dd4d6a827af437309b7a1dcc6f01

        Download Submit