1d72bc62ee923c8c7dfe0832d1c01631ed41e02a731680ab7c912f2b98b656b8

Analysis

max time kernel
2900230s
max time network
145s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 13:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1d72bc62ee923c8c7dfe0832d1c01631ed41e02a731680ab7c912f2b98b656b8.apk
Size

7.2MB
MD5

cb0e4583f9cf26c9fd7d74e10d79f00f
SHA1

f7c656a395c75e44d0fc7573ea3df2866102c67c
SHA256

1d72bc62ee923c8c7dfe0832d1c01631ed41e02a731680ab7c912f2b98b656b8
SHA512

bf6d38cb611d98804ea339a40462239f3b2797532c0ca18090061044a4c135c2f460403dc24836e73f96f5918809fa86d4b070113726ac44ade8824e88243b43
SSDEEP

196608:F6MhvyOvMuSsK+qxqvAIfiqNJ0OW2Om0QP+RApL8p:FCg/SsmavfiqNZWk0QP3k

Score

8^/10

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	ir.kamal.gazabasibzamini
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	ir.kamal.gazabasibzamini

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ir.kamal.gazabasibzamini

Reads information about phone network operator.

ir.kamal.gazabasibzamini
1⤵
- Requests cell location
- Acquires the wake lock
PID:4468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/ir.kamal.gazabasibzamini/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
0e24cdcb748e687b13e3cc6f4b64069c

SHA1
1b65b15a6bde46ff1583a3b2ddb47b9759808f11

SHA256
72fbbc145e40c2173f651212805062d75ccee1e34a72536ee6e4b807510fcf5b

SHA512
c4e0580315050b2687e41a465918882d7698031f0cacdeb35de8a6809be8c798cbd7d8e5e99bfce2ec53b0bcfd1bc31fa19ecfa0cc6a6913818f087cd56848de

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
8b264973868812dfc11add4b3ecb100e

SHA1
f0105bc379c4fa646ab8e663004880076389a042

SHA256
bbb3981036469ea213ce66d0ceec040b909a4dc66ee7e2e8cfdf5652b6665158

SHA512
1fc0fe0261f74f974b8a6bfa35d7e5f3482fbee133e4c03e0c15af70a1f7553b117ca76f04ae6f28a73b4155604997cb1ebde35fb6a2646a29b300c279541edd

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/__pushe_base_lib_db-journal

Filesize
8KB

MD5
852aa967f700d8f674815e04cf934ec7

SHA1
db78c558b8147ccf6c7cc902f8b296edecc4817a

SHA256
cb712fe9b2e32ac1524129bfa4086e2f4bb17655afc21e96ac8024004c18b566

SHA512
5d806bc57fdee55e9039293557e5c8a1a2c471e85b63df0f5c794bb0fa07eae7b00606b16a25a96b448cb5c80b99839a4cc5da97dc04c26b999353e3995b5189

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
620b16877990a0b8456dbbea116b5556

SHA1
fd83b715f570ec1ac84c983b5abcc6660e997895

SHA256
c4fc2d4874ea6e0be690a7b8e98da4ea6b9e2479b5b27dda7f7e2305921096da

SHA512
369c77f548a271a9987291e64c2c79a37474a725036d0635ff4cea3c988c83ab60746feb62bcf3472b5a0e289f99678c69579dff43b150e7c4df1a2c2dbe5d7a

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
6390e59a8061288912c3a42f34d56018

SHA1
7c9230772800fcb85dcc5e18dafbc34b074487dc

SHA256
8a746eff995a8de2aa1005874ebe6d84e48345b3dc70cc18cb50129ffb91e511

SHA512
f4dc6ac292d69d53d5d6aac129468f3546a2594cd2a050834b9f003be537a470484b2124032d9ac68d59b8c425bae263d23813c130b39b7fff91cbd6f0d3db7b

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
4e7329db1fd307d87259f3bbaaffa8ef

SHA1
c97e0979461ce009cba5fb637385eec65c63f959

SHA256
d6e95416da22f765a0268b67d578ff012c5a3b1ea6b2d7eeb7d4e7a9cae10676

SHA512
94a01accd64709c3bdbc0b3ea42017f63ff6f34029ff7a773e322d6398769a16babfed266d119a570268485b6a8159f2812815d3dee25832944e7ebaa1aeb131

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
0dde151c69d2d55286d3e834304a5320

SHA1
0fd9fa61b0b5e0d7fd4f30ce299eb50a1db4f5b7

SHA256
816fe45dccbc312dcb979e297c02c48c27d2d2b67dfa40e3b3669abd1a790203

SHA512
bc453132205ef37bae753c46ca872dd1bf4c0676e0238f4e8db6094f0714c8742d5d3ce60b0936982940b9adb7680921da5f5dd5dd5b42530d23489659fb6f5b

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
47080e3bfcf2db9b8620f2faf6c5857a

SHA1
6f63c1851255e0fa99567f047382074b086d38bc

SHA256
dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb

SHA512
e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db

Filesize
16KB

MD5
9d65269c82529891d36768d644e9577d

SHA1
a4bd34a0eba9bb27800ccd6b1e5e35ac780f073f

SHA256
6e0f0471e53281583afc11886d7a070660d6971b0d393c315986e93c2ed9689d

SHA512
dd44e8403819d539f24e7e67c216468b7a142f3b4cf3f42249490cd30a3fe455958eb2a1ecc17511a376b4deb6666fd2b2f69a5426c8b9bc059d8d2ed1242054

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
1bc12aeba2d78e8b10ae0b2ebc985d9a

SHA1
17af37d0ecc3b122f891f6503dcb59bea3b41a11

SHA256
c42a500f00259ccba2140471290103548b283185b4273ba8d15f23fd857fb27c

SHA512
7d9e650632e2e1832aa2bd38538ef7bde9ebb25a57bac87ad18c78153dd28db0064d400e69304b50d128f88d39b3523e12637e3d9616fbf5ee12390c42b6f484

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
a459926eae24da1dedc1750ee2664567

SHA1
030c204926aea6e6dd51f0ae9b703a292cb27a0b

SHA256
32815abdb8412b2926b08c1cc59e0c3b34aa23034aeb62935ff3fbc453e2eac4

SHA512
f899e095f63b1e4cf415a2dc6c6bf59af0f20ada166db4beed58271e5d678dc1e2630dd2c22fc6be7065ef497d695d709c85991105efe4046146ae0814365eb6

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
512B

MD5
f46a7816aeb741ebde576b22a52c1ae9

SHA1
8924618a3e13000596902bd4957e624e2f9e08d4

SHA256
2177600380900d49818ae68ee9dbd976ea02f247808bc894a53a44c142e101e0

SHA512
08a54345eecde39b2c9e95bdb942617596c5cca24612be698be83982613cf4e98bb4454dc631f89bea4e88650f098f5cef4befd957ba5c17ca60d3f6545c95a1

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
e21b0f666c7b2ff987b87583a5d08a95

SHA1
3951e5ed19bd7710a8a3b0fbf2f427a3e708c6af

SHA256
4d261e97950d0593308e5d36f17472813ec966cf677ca00595d18bf9833c6cf6

SHA512
2b21d98d41816cad8733a3c6e76a4eed6a37b65bcbef74eef9f25995745c12d361063946b43b3b3c3bbb15e550875af277340e235ba9c351f111a3fdf9a5a6bd

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
2ecf4ac4240f65fec7efff0f7b37370e

SHA1
d168553ca46479de09cd482c41a0dee95b7fc18b

SHA256
011142bd917a74acf1645aa623650fab5fa4eb8d095efe30fb99add78660219f

SHA512
0a90734277590c9243e734534389770b49c518aed24e4242a2d24b5291f876b8e6475eec7e0edd806b7d3c49cac8bf7474ef51f5924efd6dfb27bfbb2a952bb0

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/databases/evernote_jobs.db-journal

Filesize
8KB

MD5
daa9a222166e735b0fa1cd0e4b037e8d

SHA1
6e2acbcf611bcd235d413ced6e6e3c88282300f0

SHA256
f149978c44e7fcef9479126df028993096ba30084a05ce6fb94d49ee87930fea

SHA512
5c79716409a29fd97bc1bc2428c9073809d3ed465eab754da4105f8185c0d08ec997c716f93b8db294bb33bbd3bd65958167327b3e1f4475a2128cd185674c35

Download Submit
/data/user/0/ir.kamal.gazabasibzamini/files/unsent_requests

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads