Analysis

  • max time kernel
    2532394s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system
  • submitted
    23-12-2023 13:19

General

  • Target

    1e675599324ddf215a9b5da77a89c3502d7608af6b834a6f9516e3e801c6920b.apk

  • Size

    7.5MB

  • MD5

    2bdda17b2b584b91ae8bf51f5adfb0c4

  • SHA1

    8c3b7c848cf354be59ae11ef184e998ce523fb0c

  • SHA256

    1e675599324ddf215a9b5da77a89c3502d7608af6b834a6f9516e3e801c6920b

  • SHA512

    192d1e46e1aad5a5eefd0eddc5fef204100ae582e73809b60b7f358123b4a87d831113ffa210f2d89ab48b82e9b5270fa9406ef58efa327ed0b56e079481749b

  • SSDEEP

    196608:IJ9/P65zFU3pAeLnjW52tFxfwX+7ivdhiU1rrsOMgXj3:IJ9X2FU3pAeLSQfVwmOdhtrsXA

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to get the current cell location.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • ir.teliyam.pitza
    1⤵
    • Requests cell location
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4267

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/ir.teliyam.pitza/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/bef9dc04-780f-4bac-bc1d-6eb2292e485d.jobs

    Filesize

    278B


  • /data/data/ir.teliyam.pitza/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c19defb0-4efb-4843-9394-ba31bf0c5844.jobs

    Filesize

    176B


  • /data/data/ir.teliyam.pitza/cache/1582435991586.jar

    Filesize

    9KB


  • /data/data/ir.teliyam.pitza/cache/~test.test

    Filesize

    4B


  • /data/data/ir.teliyam.pitza/databases/__pushe_base_lib_db-journal

    Filesize

    512B


  • /data/data/ir.teliyam.pitza/databases/__pushe_base_lib_db-wal

    Filesize

    36KB


  • /data/data/ir.teliyam.pitza/databases/cheshdb

    Filesize

    20KB


  • /data/data/ir.teliyam.pitza/databases/cheshdb

    Filesize

    20KB


  • /data/data/ir.teliyam.pitza/databases/cheshdb-wal

    Filesize

    8KB


  • /data/data/ir.teliyam.pitza/databases/cheshdb-wal

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/db_default_job_manager

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/databases/db_default_job_manager-journal

    Filesize

    512B


  • /data/data/ir.teliyam.pitza/databases/db_default_job_manager-wal

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/evernote_jobs.db-journal

    Filesize

    512B


  • /data/data/ir.teliyam.pitza/databases/evernote_jobs.db-wal

    Filesize

    36KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db

    Filesize

    16KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-journal

    Filesize

    512B


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-shm

    Filesize

    28KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    36KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/databases/google_app_measurement_local.db-wal

    Filesize

    4KB


  • /data/data/ir.teliyam.pitza/files/info.db

    Filesize

    11.0MB


  • /data/data/ir.teliyam.pitza/files/info.db

    Filesize

    1024B


  • /data/data/ir.teliyam.pitza/files/info.db-journal

    Filesize

    1KB
