291999407f5354a13afa7d7ce195185e9dee1444728a32b40553bc4af9e88738

Analysis

max time kernel
2680504s
max time network
163s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23-12-2023 14:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

291999407f5354a13afa7d7ce195185e9dee1444728a32b40553bc4af9e88738.apk
Size

18.5MB
MD5

029eabf0ec957678a33a28a39764e587
SHA1

d952bff62521a7a5e232d9fd39274fcfcb80ea67
SHA256

291999407f5354a13afa7d7ce195185e9dee1444728a32b40553bc4af9e88738
SHA512

79711d59ea595596dbd60acb7375b57ed866981da32f8d4f4f6b6eaac774ff9f96da6a3583285e020564853e00812fb8559bff9ca59bb4085df2566cba448c93
SSDEEP

393216:GrYFBGRUAJSYTVPyDFZNAyg+3RvlxHvCD+phqDMaOAKUSk0B:EYFsRdMYT6FZKygch/NpwmUK

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	ru.mail.mailapp

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	ru.mail.mailapp

Checks the presence of a debugger
evasion

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	ru.mail.mailapp

ru.mail.mailapp
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:5017

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db

Filesize
12KB

MD5
6da302a2e5fc0263420684f38a00e3fd

SHA1
9e1c35e91c3b84600dd8ebc10e072ccb91b5895a

SHA256
a9b2f6227429fd83edc4db9e62c5e3f8c45b55598f7b10c3132d6b339283c8d2

SHA512
6e91d3076e4f382a5e4119e6429b90bd4d604c858acb4914e8b67226f4ad0626e29726e09d12965f075ac6aebc49eb22faf0f5c6a286913aad9515887f91fa1b

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0043e17d2378b7755060f60eea1cd1a5

SHA1
7334bbe6d3da35aa58436c11c510aca04a54796b

SHA256
141bb6e95b1b8bcf5e5fc2742f567b022f3258b8bb281296b06ee4c1fd307581

SHA512
32cf3bc64a50f20ac4b0cccd7b4ba0d885ea64455df33aeee1abf72259084d4fe02eccd7d3eac4a1be4f5b398ec2b9027c6ad420efe265ce82bcb0a6828d9dae

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db

Filesize
16KB

MD5
78757cdb1197caeb942f0997d7892ae1

SHA1
f45cbcdbe6a779bedad697d821d0bd48029465b3

SHA256
15e310a0637792095298887eb72d182154303eeb530e11751936f8ff67bb833d

SHA512
8091551fa98d7299515a917ac64085e9e1ec3d66df62d0399bd619870c1f6d01701632441e403dcdb01e6190d65e2c48919186e321a4a8a6a0bced3b4b4a9926

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
54d91016a5068c0f636f0f80d6013f31

SHA1
09a4098928aab5a5054e094a9fd600f6d42b8d53

SHA256
73bfdae6a7bc14ae60dccde57274d2d807d7c0c6f8a0bb00cae8bf2bccb401ea

SHA512
65bcc58b2cf58d0b59335eb589499d0a02d769db5cbdd7d7b8be3e2dfde19802c2887249a694ca37ad7ffc93553a7018308a5a984e5b3917fe1640119cf557aa

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0b732278df4326fcad4e420da968a1e2

SHA1
773705411ac733855d460f3b90d9a9ab218c4c32

SHA256
d30b5c82fd86bfb22c5a6cca6bd49d574565023d2ae43b0121f0a659927bc628

SHA512
514686a65c1f0e1820400609f2b8ef0658a6cbbfd3ac4896f03999b7519bb857b6fad33b0cc16bf2b04e885b50e01df6e8c450aaf986fcb57b16e1c65584c4c2

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
4305e0fdc31060bc41dbcbdb31baa423

SHA1
7a37cac735301ae79e36cb59198cd453cabd348a

SHA256
ed846e1ada48029d5f568653ebbfbe4b75a80454bab008dd2e6a584e1664661b

SHA512
f1b89280746d41021fe4db56117b8c91f6130bf0d68ddf3e258e331ed9b5ae5714e6789191ba7a8f22caefd64b66df40dfd47439515727b58150fb08bcf3ad90

Download Submit
/data/data/ru.mail.mailapp/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
390985193939e2e5f548dfed8e7010ec

SHA1
e66355e69df83127d6b57bc759cd59e37718893d

SHA256
7f7a4656d04b7f615c35e67b5a9f7682718428a6d6dbad741a284921538bd841

SHA512
92f6f1c6eacfddad08a2bf233aee6de5fae988de480714444540aac98101cbedcc1eddcc9ad3692272c68845c6ed7e6fd8dda984101e947707c8f25b205b85b8

Download Submit
/data/data/ru.mail.mailapp/databases/images_cache.db-journal

Filesize
512B

MD5
df170834cb9ab66395f7c25e4ec61937

SHA1
2079c27d905837519ef715abda726821368bc8c8

SHA256
dac1e395a3feaae13c74dffe5681935ad2d6a2f2deeb75176c2bd60d4db7392c

SHA512
cd7deed79c27ac6155c70f040ff2853e898975eef285176c6f52a752580df0bc0b7244150659f1f1bc5708ac1548839d381398caacb8eeee042df8ce66ea2c12

Download Submit
/data/data/ru.mail.mailapp/databases/images_cache.db-journal

Filesize
8KB

MD5
79d1928f493b7f76f9582f4cd2329e25

SHA1
db809f0028859982838edc83736e7346197ed4bf

SHA256
105e85f34ba2eeb94141f80a61cb47f11c1b0c5855dfc3af1ced0cde158ab374

SHA512
ccfd47fb79cf452248378ba395b41f1875bb7bcb5180c9bb73ca48ee2fcd9272065ac1e249974ef9704d5b8b79208cd7b4a964f23b0c2735bb4c347f1584e908

Download Submit
/data/data/ru.mail.mailapp/databases/images_cache.db-journal

Filesize
8KB

MD5
5b931c5f23e3158251dc62cd51f9861f

SHA1
3ded9921c52dd5d83227c7844ef9ed526c5e7a53

SHA256
61736a618e15038e216805bb26a7e955ad9bbc866c10fa361eeca9709832f402

SHA512
f35e60010d33a3e7db412d966a941b0cb734c8c92deaf526e8c35c8f1170f92bb7dfdf040e329999a6e4f624f142f407b562c9541262cb4889870ad43e2ced40

Download Submit
/data/data/ru.mail.mailapp/databases/mailbox_db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/ru.mail.mailapp/databases/mailbox_db-journal

Filesize
512B

MD5
e402a07ff2561b92f32b8da69eaa8972

SHA1
d6983dfd686c0d01576180942c5ac73806d9f162

SHA256
b97dfbd3bae3f2b543c719914baf12cdc911d1a8fd227b144c313e050e6cd06e

SHA512
ffb090996bff3c904134c6187f31e77b0aaf45006b2c3162d1616c78c7ec79e33ca0a855d5abdc771cf8c8b4cd429828ae0648c7ccf485de2c2f8e33a1111bfc

Download Submit
/data/data/ru.mail.mailapp/databases/mailbox_db-journal

Filesize
8KB

MD5
e33e789549d3f095a4fd628c6c9607a0

SHA1
7a1a3b7e2c6692639919cf8321b70abcb829e92e

SHA256
a298a22bc4db29b1c552c82cd071d6fe8724deeeb2a10656dd578b95a0e53e05

SHA512
7d44619bd5f156d9cd49a1b7d8e922877ca1ca7392eed24053e06ae48b791d9cc7064473a26d44710a69a441b0a32ae1d2a0f30b314dd814f2bfbf020cb66347

Download Submit
/data/data/ru.mail.mailapp/databases/mailbox_db-journal

Filesize
8KB

MD5
9b6517212f6e2cd31375e4ced6f22a02

SHA1
3297dc0e7f46c284d0f433c7362e9a294326aaf0

SHA256
fadab33a01c070f281fa7b73686bb1c1dbecf144e210f59aedcfd64e808f86f0

SHA512
875732d2e105043ce1e92c1a1651930085d8a0fa484a1c1778c04d1c8b9e019c0eaebf5e3edc292ee8c61cdce00693f875ec4ea5fed145dedb250e7e34307aa9

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db

Filesize
28KB

MD5
e1cd95785ef765b8d538203d18910db3

SHA1
5ca64ce4f926a86e2f8f97630421fb986057bf88

SHA256
4d1ad8ed2245b010b6cef89323d385907a8c0ba6dedcf5f8b9aeb49b49c41bb4

SHA512
74eccb2e24e3a47d935d21f2ffcf229c5cbf89f38d71a2027a14c4cddfc4ce02e9658ca45e907debf8413b6b0e7209b5f657cdf1ddbfe04061d69342d013b8f1

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
512B

MD5
dff0d3f5364c38017b6c692107b28cfb

SHA1
9438b5946669783b1eea31e06bcaca0bda22d392

SHA256
3ca6055590d964627caf1cd7e5cdb5bb8e77e697a67f5af4cd979c30ffdbfabd

SHA512
bb4771b5a55f74b8453d16ce8c67ebb0f136f93af989c3619b0ea2cb06486541b4ba8dfd3b2b62c7e4a512a0db573a6e8c6fdb9918fba0b702a6e9687245179f

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
8KB

MD5
546adc7066e697a2a6e05e68b820ee07

SHA1
8e07d86da6ebcb9a31b4f1711fc6e96d4c994f06

SHA256
1a21156bd3af950463d8958f860d9162f63153c8945cdc11cc14402f0c5d2728

SHA512
7ca12d411f66e178d5bf70ca133c6e1d4af6bba92718a6bb05369057a19b2a5e4bf62087bcee3a256d641e54507ca8944b85dafd18694b1e780a39b17f531a22

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
8KB

MD5
c4500b241a7841c06508691ebd065cca

SHA1
ebda9039f710dcfdb3524036da2a7d3f903feea1

SHA256
b0e4216c084d2ed94b04997d2defd656bfe3d18ba90ecf84d548538c44e4f849

SHA512
38d6a4474f9f0046317d1b4660420fa3935653b2001252aa32c6924042a58f10bcb45b2398d84f754212fca1cf54081c8d003040bbd63af212be21555da6eaeb

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
12KB

MD5
6e4abd880fdfa95da6628b3d2e2b05f6

SHA1
e4c49a87d31750214fd2242e2189ed4cb7e46dc4

SHA256
d16a23af1c26c1b0f7b9776fbc1641b058f66a4559964b74f3f007d46405289c

SHA512
52787a6037da692002afeb3eb5cb613cfeebba8a32da900b4ce5408df9a17e91e2b648743e1c9d4c5711120abe519393e942acff54ce36bdce3d89498220a625

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
8KB

MD5
f077a578d88d2611fc7373367f5efc73

SHA1
dce90174b7ef48a9d4f35d3b0a06b57258ab28c8

SHA256
21eba606551bdf09d51943f68686d737d1c31d43b7af9c1f10eb7ae96a2f6ae3

SHA512
8c85ee9b7787790242570a4422ff28519c7f35ffa40ad197cce04d6c3c5a174406cb119892bc7f50993f6818ff3906404dc0ac8689dbca3162afef0c75235d68

Download Submit
/data/data/ru.mail.mailapp/databases/mytracker_16195952731798164528.db-journal

Filesize
8KB

MD5
072bbd58825afe5789d304c539f2ca46

SHA1
afad801e67b893e15cc1fc8b2c6528b6a1d892f3

SHA256
f83c89e860ebfcf8cdcdb6d9d3c6b6c9f047bf8e204016efc4b92487d53f440e

SHA512
de5ed22dfd7f5ef378d67141d9e1f9669203b62dc0754fc8872e29255f037efbd153ac312bc1f8cf4a49284e5a6b05c2ccda2e0757a18eba78b3059d7625a1cd

Download Submit
/data/data/ru.mail.mailapp/files/.YFlurrySenderIndex.info.AnalyticsData_ESQKE4BK7VCP843U2N5J_216

Filesize
88B

MD5
c24f254e6e88f887dc5fcdc4a41f93b8

SHA1
db81b4e114e2403535932bb7ffa1a8e26dee51f9

SHA256
d8e0984c3d831e3bddb8d22aa8ae4e95f26c1399c1e995a1e623110bacfc7f23

SHA512
fc3fc83e52ee0d3484f7a328d386f2b92518b558d274f47aa256eb1dbad55e15f3b0ff6da7e527c51327dbd84ef32dadbd9fb3a2c9c8ed4f4f180ca01297de84

Download Submit
/data/data/ru.mail.mailapp/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
0efa9ab87e8a48fecee5ae48f58d130d

SHA1
9a1e0bdf68b3097fe4e9f93456ff80f74495c974

SHA256
51b20cb751986f8ce0ce405ae5041e643d4c116229c4ecc5a31e211e4576342f

SHA512
be323bc7b24441e5d2373e7cf562a8bc502ce47a0acd2d5277028c2afd33782bc62bc142bc40858c44b523ddf6f878064730f68c8646ca4acb5b89d8b053a90d

Download Submit
/data/data/ru.mail.mailapp/files/.yflurrydatasenderblock.05794079-7f1d-47a9-a287-9f0ce6e05c00

Filesize
422B

MD5
8786a43bb89f8daddfd6b1ad6820b9e9

SHA1
6266a1d5abb012853f62abf3f83a1057db710d6f

SHA256
86edb919504c977baf83fdd656cb9011491ca0a23d3248a9bf51ba18e729b92a

SHA512
7a93d68848860965f8a00d34859ff24078e9afbde6d6a84c5dc9745a5dbb1d6422798b7b9c314abf491265e6e00373a45e4b5ed9e27954dbe514b563c7cea308

Download Submit
/data/data/ru.mail.mailapp/files/AppEventsLogger.persistedevents

Filesize
3KB

MD5
d38a8656df5ed1ce49b4303e50688c84

SHA1
cdbdf4c5ea3d26c9ebb4620cd37dd08fa4a841bb

SHA256
a05c989d6775c9a0a735feb62706fd1c540589ae4a117f194bc873e8305bde2a

SHA512
da32c34f0845af13357ae6acfe1128bb7261c0053532554f0e11000e94d993bc1c21314eb1051c1ae30fa37c2589684d58e502d233710061e397e60113bcd4b5

Download Submit
/data/data/ru.mail.mailapp/files/logs/application_0.log.0

Filesize
15KB

MD5
d83cd0319bb788248ac2b8ad7569ac3c

SHA1
0b01914c2684794decf8f661659ff2cb7b96cdf6

SHA256
fc0b3573c0ff76329313e3e1935c718de33d6d54217b613118b91cbcc431ab55

SHA512
ee8cb881e4854d6319b3cf069c07958fba5ef2a3b654fb6ac77e8b19a52364dd61964d2d0f7d8c0e9788cd501cd7c48675f810f7c4a80ac17a05aab068ad69a7

Download Submit
/data/data/ru.mail.mailapp/files/net.hockeyapp.android/telemetry/0191bf07-0803-4b6c-82ae-89861a35f1a9

Filesize
1KB

MD5
318622234d4079a86fd3fdaf23e43d11

SHA1
af67c27af64f8cbacd454cdb13811c96aa06eca3

SHA256
93dbb787da35c564b79eea9a394d63838b5ea05ed155c27117bdcca894b6fac9

SHA512
68a13ccf5541158526223a88d832efebfd65d36aae3e1b3bd2436dbec6293ffc683a57a0189f9a00e9b87da5fa50c45898179718eb97a7e9b68f9fb7e1600c76

Download Submit
/data/data/ru.mail.mailapp/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
2e45a5056efba3a9fba52534c39bab3e

SHA1
9d72956b4d4ae4310f657e9d2c34fd9fdd87a1e3

SHA256
33621710177f57364d5474a0c0ea4486ca1c499b71c2563391c57a485cc9ebbe

SHA512
f55e1ab1aabaa2d1a76e74a5a7a393412eb568280c8a618751c24b9fb504e1d3e8b312d25f27011bfe52b0ec1bce36c53533642962d1a3de6fdf4b029336d16e

Download Submit
/storage/emulated/0/Android/data/ru.mail.mailapp/cache/external_res/-1040221343

Filesize
15KB

MD5
79829e9beb1e5cdb8de0acd9bf5a0617

SHA1
66aaa0b093f1ae9b5345318937c83fa7f0bc0e00

SHA256
e16a1503a4fae99496caf91aab0940c53f92e42939d1942d13de1d629456dd16

SHA512
2ed018087c3f64664e61a3f55cbdfdf8697d44a52a8df64226235642f3fa3146959ce3f138e2f175a35e83d53eca5f3d8fac139992aca43b0f65063b68b0538e

Download Submit
/storage/emulated/0/Android/data/ru.mail.mailapp/cache/shared/images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit