0ddb2b097faf40aab298a5b94f2c411295fc086889a96d9b1e4c9c7355c04e01

Analysis

max time kernel
2867024s
max time network
159s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23-12-2023 12:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0ddb2b097faf40aab298a5b94f2c411295fc086889a96d9b1e4c9c7355c04e01.apk
Size

9.6MB
MD5

daedf912a2d13fb5e353c23bef3302c0
SHA1

f0456833a1f4a77ba38efc2ba765021a38e0048b
SHA256

0ddb2b097faf40aab298a5b94f2c411295fc086889a96d9b1e4c9c7355c04e01
SHA512

b6e85283f1ef0fa9b47db285dc5cdf22e0923c22c427d13441cbfb9d314e15dd85ba1d36c6d9b3cf009a72836e27d95acd28886787bab07f5577979c0daecc23
SSDEEP

196608:cO4rYye2J4LHAhPQ6nQhtnx7ntW/VWfgmBaLqR8YZzydQ6Z+OEmOxjWM:c1YyT4LghdnQhBW/qgmBaLqXJ

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/product/framework/com.google.android.maps.jar	5083	rabbit.web2
/product/framework/com.google.android.maps.jar	5083	rabbit.web2
/data/user/0/rabbit.web2/files/audience_network.dex	5083	rabbit.web2
/data/user/0/rabbit.web2/files/audience_network.dex	5083	rabbit.web2

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	rabbit.web2

rabbit.web2
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:5083

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
36KB

MD5
1be1ee9c35da133ec962120a969a1e1f

SHA1
042858ffcbc01ab7ce48044bf6d591fdb796baae

SHA256
f88045045344854343ced4978d46711707e51a6144e54883a9d5f17c6786ac73

SHA512
00b233dc7e971f9c0aa3f5936b28aedce959e2b5a76f3a33680eb2112b89b445d26b0d49e693b3b81cf6901146407e463901105167d34bb977a56fab6332560c

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
20KB

MD5
94745738d5745ab5c371659f0214fd98

SHA1
28e07715d005ae75f358fb35f3040d73fc133439

SHA256
6d351d65440775d413cb6d14bfbe8cbd6a0c393caf7729a72f7974aa45220405

SHA512
63ef977544db1a52b72b97783ee53be1e9787563845455c111de9a081e0a9eec0be9644f0a2b0f7ef5b6527cd642e7fb227e5e93171718a671e43dfcfacd02af

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
20KB

MD5
625e09aa299c8958fe1f1af549f292ff

SHA1
2e11165eb37584c4cd453da6aa6ee6fa0f2313fd

SHA256
1238fa2e81caade789b72e67a0acd1e0fad22e0222231f643698b42445f3d318

SHA512
943cb8654b40bf3d2ccc3cbdb478bfa64fa43d275eba523a0e0c9cf2a9379ab8b135f92c33784a1cb8220ab1832be4af8f7df4f40cd7220593b3bcc7e6ab413f

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
36KB

MD5
7f7a284b956664c51cb48e966050c101

SHA1
30b3e96f62d2c22efdc452632f7d87633937bafc

SHA256
f82d56b88776bbcbb0e1ca949ee8b4896a489fcb962b811243dd09bca56625a3

SHA512
9e95504062f7ded79e62d6f4f04c8c3302a2e0925f855f83e1997be239be760804f18fbcbe9baa49b619d832f788d70f6461f43d2ef24ad79d5f7db1db1b0e06

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
36KB

MD5
bbe974b08a30d11ea70227996843bc0a

SHA1
dbcb39716b19f484234c135aa28c177a681b7fde

SHA256
664e8f7cc8873af6384d1ef66dff3dfb6b30368775d8a6571140ab763bae45b0

SHA512
37cce13a0ae7b3b9762e179a6ce72e47b3acdbbcbba2b34ce90244c7037d27c55b9edc390ea79b2deb422edc34fcd6651b05100fd11be71486d3e5638199142c

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472

Filesize
36KB

MD5
51537abd57ac3df4d820f7137951dd4c

SHA1
9e918123e88a2e48fe8ffa2a4852697790a91025

SHA256
b4a49f4070f48aadfb535e762116747d38c94b9ef4f49249300181cb1d64bf70

SHA512
817e61fa496899745cd3380a881202a3756ff703f07c8cf2729d1da251e57291319601fc0f182ba3e8ea07aaf238e1b358d1ca93e0d8aac66554a5556d55a735

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
512B

MD5
604661661141b21d61c5f7431468327c

SHA1
277436cb8cbf3b6eaa3dadf57155f07708b12e0f

SHA256
e8e5c027ea79162b6f245a408442b929aeee08a5baef509446bb788adba1f002

SHA512
c3a8305940ba75993145fed376d3c22582b2b9c1d44ff7fcef19fb6931607b2d44c05ad567b65d2e03a745bc25d71670a5eecc0a19d632cdbe379e042840ebac

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
8KB

MD5
dfd64e45ade6a14ae96a725a37aa1095

SHA1
00e747fb9f05fb6f8c1055fce0f9562aa4a91586

SHA256
c3bdac3e7ef9dae7fd072ca21a269c47fdb12f24fb997cc20e9e7f5c9c6cf72f

SHA512
f99353526a462d264a06795e162c39a5a387a81f6d9fd8e8b5de5f93effe6ffb811ad08a30f450a444388d082801a00c9dd6bf75575cde6504cd31ea47b32596

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
8KB

MD5
009f6aadb11e5cf13bbc20b688060c50

SHA1
87ab7b56cd057993c09293f3653b748fc40e7c6b

SHA256
cb1bead2ddd524f3606af8a1502c85575ae5a0e7d84264110eef7691ac44bce8

SHA512
518e7f78e1d40cfaea2b8049fe737cfb5494a78aefb0bf5109e57b4c364fee211d0b9e44446dd87cc6a33ad7c13ad2baf2855d78ca002798e223614f245e743f

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
8KB

MD5
fff6e335edf09f6789692d16f5189737

SHA1
a08b72408f379b3fa306360271564396c52d6f27

SHA256
f347b68b8d5f5cd038f38b2023913a73b475c9ef277d596bd73a8b35538a755a

SHA512
4a3116a798226a524a2a8634ddf11d70d6f59c47ab6699746f3008b81b9f491aa986826a1d9aff9b6dfeba6c38acee85dc7a1b3be3f9f1dec3579d0b946d462b

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
8KB

MD5
0d8d61fa890112963c84d1a2b1baa2ca

SHA1
b2bab0e9b914b16663476f7b730559d06cbd8966

SHA256
e7c66aaad8d50abb481ae95ddd30480d54e266b0ac6ef8e5144b8476b7558539

SHA512
b534a3e30ff0f2b06a4f77a40d4bf74d0dd9cae4b0f969700dc10c66f81f272b85cc5e0fab379e4fdc3d63b410b5ff5a9efea1e40fe8462222d4b36d4de2e62b

Download Submit
/data/data/rabbit.web2/databases/appnext_dbs472-journal

Filesize
12KB

MD5
bc984a16d6ec6f77a95d63451543b3e2

SHA1
3cff10c54b91d9b2bd7bf1d8133b6f3ba8225fd0

SHA256
cfe4113b7041e15229f1cb5775be3e6336ffde9c43660804e9ab2bd335e25d72

SHA512
6c91e2032364364bc561c898e610540952445bc865392130c16c4b76472d247b254f61726f28e5f9f20ffa008684962d54574a1f7689c9a01381de5074e57a0f

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b426844711115a89d562c02265be054

SHA1
c509a433cd79ef6618963d753ba7beda60e051c4

SHA256
aa5fa19d2e9629323c9ecddf657b93f2a3015e19c7f8f2f2a3e41546e8e8e74d

SHA512
ea777e6fee97d0713df7fa61bcb30de03e6e9c224bc4b3550a51e015bdcde30913de884a54fa70f7d9fea91dcf5166451175c298bb6cd5bba4b06fdecacb397f

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b40630b765652dc13cb8ccd4b100be8

SHA1
37487efbbf4d7e578ad797046c2396d47e4d3f06

SHA256
210a4a5c73764226eea0484c7a1f6a90d9d69924e735eeb5735e6319a3c9c16b

SHA512
9631448ceb9d48f7cc719e6951992d55d26220bd965adb8c43e07a70b1e2844cc2ffdb40f23e37bf178d2e5aedd0c51e0555d92e606d063f46fd8ab825013921

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db

Filesize
16KB

MD5
214a9332dd4a3754a072e4de930cdca4

SHA1
3b3945fd5436f9783d25ce93e04e9983545c8111

SHA256
4412fc4cd77c4f35472f000300e425aec5eb94748b4cf9d97e3cb1e8a758ff19

SHA512
cf6693f1efef5c9942ea38296f9928fd69fd97bf2d6f2e9d5bbd50cdd5c6e7fafbace58a8c37700f75f124ca77a2c2232aa335d985a7ac9f48c6a573561bd3b1

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d1141163501d1d4733f296b098a55109

SHA1
4f7e485ea9be38a46768570ff6181b3222d8c7d1

SHA256
74a4419a40cd8e237383e9ec9a3a8b9c2cd9abd32795747e5fccb20bc8a73950

SHA512
c9d09c596e8ee96ccf92d630bcfd351b0ea0789b36a1b499e5aab678fed6a9089c1dc75cbb7f8067646b03d6120fb66b398088108263ecce07093dedb0fe697a

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7da53eccf1146250683e7c0b15f748eb

SHA1
d8fd57ef75087c35bac4e002ea292f28166b696c

SHA256
47b0a95422afab179a0f85507aa7a9bc00c2e4eaeb3a4a76ae8fbbc7003d9384

SHA512
89654bd2799ff2987362d09bff68e610e8b47de59334fd02c58389a1715d64d243e9a74c321a69781388dc2c2f74c60e6b485490edbfca58164fa69979daa62b

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
09d31e1b0247cb81c76c03b21ebcd6d2

SHA1
d0f7876863e8178b9f35dc44de2fb6bc2cbb1a2a

SHA256
1815e4cdf14eaff137d5a78faab4cc529954ec49d1bd029f5c5c1af90a1ee347

SHA512
78a6dd16f94463a9790bfa5686847539c39ed91bd5ddbb4a75132d9edbdc7c43567a8f5bfea7c4e289a020972a5ecbf129d0bc9fccad7560442368463a375ffa

Download Submit
/data/data/rabbit.web2/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7ec265e13b810f326990c2e87d5a9e8d

SHA1
c445103880f4a527fe2aa79e93227bcec57fdf89

SHA256
3e8db46e11b1f1cb998955ea248945f42a61ce1013fe04cc6aef416006af7dfa

SHA512
5c4cb12fee7c08f5909794ed3237febded8f9d8dd095b834c08ba9e3d6cae7355127490c5ebf9b9bea56ad8e6de863284ba5cfc492a1001ae83c6e000dac3901

Download Submit
/data/data/rabbit.web2/files/data/appnext/videos/video-749399-15_1702639087.mp4.tmp

Filesize
61KB

MD5
d339c07d36173158c6db24beb3c74d43

SHA1
45c1d4173c26bc8848237fb4cf4b6d032b6515bf

SHA256
186ad62a870ad4b5388faae119375cc3da1e58f031ff37d372f6f0193cdfcdf4

SHA512
c7aad775542a05a9d91ab5dd4aaf5efc8dac72611d30fc31353da9e52e9522e861d41f23b52f766090a4bfca2ff759e5e4b281df7613d1f728649085030a9c6c

Download Submit
/data/user/0/rabbit.web2/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/product/framework/com.google.android.maps.jar

Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads