Analysis
-
max time kernel
2524866s -
max time network
133s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system -
submitted
23-12-2023 11:20
Behavioral task
behavioral1
Sample
009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
-
Size
9.6MB
-
MD5
599962ade280d1a893282195937c9618
-
SHA1
375af9052cd6af06d0cc76c4a21f895ded4e2db5
-
SHA256
009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362
-
SHA512
1df97ee24779f156d235eb11dbb01bcd7ac816c96f8459672b66c7323d019380e81f27bfbffc1f850ff521e6556586f5137e039a6faadc5db0bd2bafb865313b
-
SSDEEP
196608:xkQmTyPTsFe1iffMellHT80iqQczCYzZvcsbh4J5US0wCvp:5ay7gjMellHT80p1c3bUfvp
Malware Config
Signatures
-
Requests cell location 2 IoCs
Uses Android APIs to get the current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.alghameh.noshidani
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.alghameh.noshidani
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.alghameh.noshidani
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.alghameh.noshidani
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/ir.alghameh.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/30e93c99-338a-40b8-b795-bf5618e036c4.jobs
Filesize 176B
MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb
-
/data/data/ir.alghameh.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/36036c6e-7cdc-45f4-9da9-6cbf1e07ceeb.jobs
Filesize 179B
MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b
-
/data/data/ir.alghameh.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/4a9b6c43-fdd7-46c0-80fa-bb1be4b26906.jobs
Filesize 278B
MD5 f28413d492c8ea30cab5e8c259a8078a
SHA1 3292585853d1ff6dd983c48b3ccd6638c4fd13fc
SHA256 3d0713d5ec0a9168bace3a9873ae6c7b8e83c9b473ca162f7c3b121a17af5479
SHA512 96dc6ec3072ac23d08d074c76873e9f5e785d2ba1465c9b826ed46de2f6143d2acd1925beca3937b9b1e509ccab1d07780b2d6bd2734d681d8e02df1a1f994c6
-
Filesize
9KB
MD5 e8e0527a01aefdb89afd2c508f131da1
SHA1 f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256 f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512 fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34
-
Filesize
512B
MD5 e533e898eed18441bfde53d98ec51867
SHA1 f02e8fa6fde9fe655412635b4eb65fa041d3c8a8
SHA256 6db210c5660b9c1fee8a3c5cac9007d5708e7128f56113c89d7f561e353149ed
SHA512 bd776406452021db9d4e6cb599cce2ce671ff2149a36688fb50b21a7603ebd87b29cfdd87602f8085f967bcbca7a0b8094fd3e77f671b9b736705d0f9c72ab1d
-
Filesize
36KB
MD5 083f0ecb1ba2da29ca169c224a011db9
SHA1 ea120861dbd69e30ce7cfe7cf26554c2f382e0fe
SHA256 0070490a254eb977f854a8c5f4f1a48bfec57366a7a0b964166e7d5aeea709de
SHA512 abbf873c6b9562343e4b2c07c4727eb507479828f7a3301de0dd75aab904b0e36160f6b8ad5595d4c38506a109b1bb19bce0302288b9fc683df287d60f09f564
-
Filesize
20KB
MD5 2e5f986ecc25318e4bb7d4f24100206d
SHA1 63041272fb05f2e00b7d7f09e6690ae0fa1ff222
SHA256 dd9723a334481c4e91ed4ba8046d34acc9d090a4acc4d855ea9c21e8334b3973
SHA512 92f62ac7cc282e785a8306466ba598bd787430ebca20ede449bfd9ab90b3efe4ee0b0de66e4d600b35a3a7b3c16aa927ff6c1f742f6809f4104fa9b04b9d0e57
-
Filesize
20KB
MD5 1c547a8443e34ab4b32a7eeda39e5f0e
SHA1 102ebdc76332bf257e5a01fee047ae3a3ac4ed09
SHA256 22300472904b764ad7f111400e150ee115cb582489a7d461ecfc097c3d9f3598
SHA512 43582b0f6161402d80752ee134a5db1cb6bc2c55dccacf42cedc207e9af250a118d3b5457d9c60d9aa702cda6431bc0a513e0b02fb09009add167237e5653453
-
Filesize
24KB
MD5 1f347cea6a53594be878e35079bdabc4
SHA1 ae24631f83d3c875dd678040baafb5e64fc6ba6e
SHA256 46cc2cd48a3621ce276d0927dfaa0e367261e740d6c248c48fa48b25be769fd5
SHA512 6f09f140cda839271dcc15857faa5ec7fed65afabd0ed53164744e0b15c145b4fd0ae3f6ef0ad01cdf4eb612510f7f150ea72781740a9c6d67ed1075e5e026e9
-
Filesize
512B
MD5 53da7a487210e4c461a36847f27949e4
SHA1 111b78915faf6418f807f956a64cb3f54fe2006f
SHA256 6d87227c5fbe3c57e8ba8a954e78da60bc50115ae7b9d59543f15799a5502682
SHA512 56003e21a9bfeae2570493e5ad183b8815b76b5f8bfcdb348893009fd8dc7c6a282e55b4c656a2efa161dd8900a3d6f2b50db129342e692ce4676572b020857b
-
Filesize
8KB
MD5 ef90f89b091b9d816b1bfb0dd9c4817c
SHA1 1d2124ae9749f6a32e66fd7fc0ebd4652dd3b70b
SHA256 4cd53ec0e2611507c5c7bf264ef108e28432e9a47653e71b50ea242658611a19
SHA512 87086b64011b2c83f0d2937c58f6d96012504c8fa02a136611fa8d2b220c9b9b813fb282b6b979fea2b97f14a5f2181aed6f464a8b5e2d6d4d81ddc327a035dc
-
Filesize
8KB
MD5 f3a8dc070f810c0fc39bdff0fc0e6209
SHA1 f75712849b54398d19b3a358117bc0d17ead2abb
SHA256 73547e0c3d87064759a336271da09b01bf05bb1025c70c90dbb4acd8c3c3c9b0
SHA512 06fa07a5d34aaa5fe713655331a047a869171904bf2ada170a3c708acf5257644b96390e9b34cf5603875c3019e21bbcce240365fad6a8cdd5a69c0290e36451
-
Filesize
40KB
MD5 82122bba9c914d995cbb25aa12319fc2
SHA1 7510b4e1e2028f7d9478cd6d9495b13d5969e72f
SHA256 cd2baf6d907481b1cd29e6c608e8ee66dd783a4d2b896a2ad7247d0eeaf3f221
SHA512 91bcc14449820436b6a10594dc04d88e9533028aa3f1c9a02d133d6ea0edc2971064d6ca0db5b40c1b23311e9c3fb68505a81a68864db3d8b5de45d0dae427b7
-
Filesize
4KB
MD5 f2b4b0190b9f384ca885f0c8c9b14700
SHA1 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512 ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5 57d8bded4ed26e69b0e3b24186f94513
SHA1 47fc2bbf17cbdaf6ae510e3499b6e68487ceb4c8
SHA256 1c0ee14fe94a84ac2b8844652ccfabbd8d8c02b4d0e0e4401ae8649136ef3237
SHA512 a32c8ac6f03657a379bf139ba151ce33db2ef9fe2b191bb6ed39b47228536b35c5c95900311dac7090a0fcafcafca07772db25ae9703bce0b2c4b6d34fdfc334
-
Filesize
104KB
MD5 9d5bfb23f9a94d4596ceee87528f15f2
SHA1 a2a2d1417abe3122c4c318aab2b73687f7053675
SHA256 fc1d5c7626c76a931bcce54caffa281dfa692daadebfd87e1c0f782e7566758d
SHA512 e3e3aa0a52d9e4b54e2036332f51593e5eaf9c688b145409262e019b79c2f78beb3bc54bdd7799fcaceb5dbde149261097a1acf8d0bb631b19abc69c6a80f859
-
Filesize
512B
MD5 b276cfc01fc1d89f698a7ab3c15d61fa
SHA1 86de1d7afbd3661e1394f66275e3f48fe86e544b
SHA256 093422abc2e8f3cc74b411734c6d0ceb1bd1c0bd541965689f16491071c2579a
SHA512 28d6c74649c80f313949a2174e8a0a6569325ca442c915c07886642143c960074570c8a4e01528396a62568951c1a70df49525371f3f7448009931c7f7a1d168
-
Filesize
28KB
MD5 cf845a781c107ec1346e849c9dd1b7e8
SHA1 b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA256 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA512 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
Filesize
32KB
MD5 c6ccbaeaa2019642e6725206a7b222e6
SHA1 bbcde36db9c6ec124e8e24d0e76780278ec54dbe
SHA256 fbb0b6a0ee2d66bd4ee40174a61efcc35d5f422ee5eff1425b298198272e6ed2
SHA512 f2bfd04c199a52edcb8bab57d27b002f746586f64f1d7a20acfd1cb04d6a05d54f4680f48cc71c796f0448678de5bbdb88b745cd72923919a8adf97a2a394d03
-
Filesize
158KB
MD5 426179142a16f9ccf11b14af2c4b9814
SHA1 5ef5bcd7454f56017adc4d62e480de8540970301
SHA256 4b4d274ee8b5c46e4fb929fa1b1d272c388cd36256a69bb6beaaf6bfb698a0fc
SHA512 0c874897956081b92557259a8f99eeda8bd9db475aa909731f2da7b21e42ce7c14768115600646cc0984ecbd7f845c3d8092526f685cdffc35b876f257483b52
-
Filesize
1024B
MD5 5bdb981b75700cecff7e6f86bc918d3a
SHA1 c1e27ef5fd91bb364297411173f853c50f9304b3
SHA256 0b9781155a34cf1746179c37bb03d125e51968fde116995c4c5a73f2376b8d4d
SHA512 466efa75415779bbc29987667b73f989947fc1fd2b2106ef8bb63e7ffe970d4281506071e39b600cf891c8e8f00c7479c5b2b692ec58773d57a8db28c5224b1f
-
Filesize
1KB
MD5 2497a2c4578ec950279514de3c63882f
SHA1 09eb326b69969b05fd6ae249bebbbdb0097da8a5
SHA256 768c8c208e6a89ed6bad61cba6aa2c83a45c24f69dc1d7aa9496a989eda2a226
SHA512 356cc91e48bcde8a1747c86a9a08da83613b058d7ec4a9b933ded4fed7a5b30a6c37fc36ad94e53d92b64e95dc88722fa619123c85dd992a3045bb60454776dc
-
Filesize
2KB
MD5 34d48c5def6880c71d5e4077a0ade6cd
SHA1 5a5e0520bafa34fe575746efde2b929bcf9c5e12
SHA256 00cdbf5c77276d07bc4d6afddebd640b15f3c205014b2c45a40ab6abd0a6dce7
SHA512 ff2add111c69381ec5b04655614b8356e87ba8ccb294445767609dc6c59d5c2c05f2594658e6cf24e5559967a05d4e402e0cf03473c7cfba23f030ce002cdb44