Analysis
max time kernel: 2524470s
max time network: 153s
platform: android_x64
resource: android-x64-20231215-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
submitted: 23-12-2023 11:20
Behavioral task: behavioral1
Sample: 009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource: android-x86-arm-20231215-en
Behavioral task: behavioral2
Sample: 009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource: android-x64-20231215-en
Behavioral task: behavioral3
Sample: 009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Resource: android-x64-arm64-20231215-en
General
Target: 009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362.apk
Size: 9.6MB
MD5: 599962ade280d1a893282195937c9618
SHA1: 375af9052cd6af06d0cc76c4a21f895ded4e2db5
SHA256: 009d8701013880ceea7aa40f2d76f83bc9087d9ddf3b082f182189457c69d362
SHA512: 1df97ee24779f156d235eb11dbb01bcd7ac816c96f8459672b66c7323d019380e81f27bfbffc1f850ff521e6556586f5137e039a6faadc5db0bd2bafb865313b
SSDEEP: 196608:xkQmTyPTsFe1iffMellHT80iqQczCYzZvcsbh4J5US0wCvp:5ay7gjMellHT80p1c3bUfvp
Malware Config
Signatures
-
Requests cell location (2 IoCs)
Uses Android APIs to get current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; process: ir.alghameh.noshidani
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getAllCellInfo; process: ir.alghameh.noshidani
-
Loads dropped Dex/Jar (1 IoC)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/ir.alghameh.noshidani/cache/1582435991586.jar; pid: 5080; process: ir.alghameh.noshidani
-
Acquires the wake lock (1 IoC)
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: ir.alghameh.noshidani
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) (1 IoC)
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: ir.alghameh.noshidani
Downloads
-
/data/data/ir.alghameh.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e21e6716-53e0-4ffb-acf3-158de3d72a8d.jobs
Filesize: 176B
-
/data/data/ir.alghameh.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e55e1c5e-b683-41b9-b5a5-cf5f3ac97de2.jobs
Filesize: 179B