2ae524b92f456aa6b921bd0ded3d42a5128ec330f1e38c0484d4c3d3ea7cb992

Analysis

max time kernel
2681373s
max time network
161s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23/12/2023, 14:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2ae524b92f456aa6b921bd0ded3d42a5128ec330f1e38c0484d4c3d3ea7cb992.apk
Size

12.4MB
MD5

ea2ca1fb172a508791b310e5a908849b
SHA1

197f29ef4c3cc2648f72d3d0fb62c849003b03ed
SHA256

2ae524b92f456aa6b921bd0ded3d42a5128ec330f1e38c0484d4c3d3ea7cb992
SHA512

ad8e01bad0f22cccbdc38888c660a5f85dfad6727f4a0b9f6c4dd27cc344bdefa2ce4915970005321b9efe660b9efe98628f25ec26c80d391eb4bc2324b4be04
SSDEEP

196608:qfwSBMNY2dZxPuWGWt7QWjA0MGL6sWAj2zIM8DhxlyFMZxZ143to/hzitsWNaY3O:CBGYYXuE7NAG6s9M8dxTX0O0N34Px

Score

8^/10

evasion

Malware Config

Signatures

Requests cell location 2 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mobiletool.appstore
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mobiletool.appstore:channel

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.mobiletool.appstore/[email protected]	4921	com.mobiletool.appstore
/data/user/0/com.mobiletool.appstore/[email protected]	5429	com.mobiletool.appstore:channel

Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs

evasion

description	ioc	Process
Framework API call	android.hardware.SensorManager.registerListener	com.mobiletool.appstore

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mobiletool.appstore
Framework API call	javax.crypto.Cipher.doFinal	com.mobiletool.appstore:channel

com.mobiletool.appstore
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4921

com.mobiletool.appstore:channel
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:5429

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mobiletool.appstore/.00000000000/39285EFA.dex

Filesize
69KB

MD5
75a8168e7080b90fc2956592c268371f

SHA1
3702da56d31f381525473364f031dc884e37076d

SHA256
0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701

SHA512
33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

Download Submit
/data/data/com.mobiletool.appstore/.00000000000/39285EFA.dex

Filesize
69KB

MD5
02f69eb4fe05ebc6c9f736d83e5f7e26

SHA1
777d75e14a73f5721fc4ae34f49a9a4b82311373

SHA256
13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

SHA512
7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

Download Submit
/data/data/com.mobiletool.appstore/app_crashrecord/1004

Filesize
235B

MD5
c24dced291f40ff534f8065347a6b3df

SHA1
c3eb7cbe293acc369ba94b9b4fb2ed46b8bab03b

SHA256
7a3db4aa4b14712844426f8cd4e39fe0ee5dff66d7e9d4205495930598ce599a

SHA512
4bfe439388adaa3cbb36432c17cf1e79b061981d2747419834c5e93caa0dd90c5fc6574f213a035dd4876d30c01b8674dd9aeb50325baedd0fbf8d76266b4977

Download Submit
/data/data/com.mobiletool.appstore/app_crashrecord/1004

Filesize
69KB

MD5
6c4ea8ed79643688a9b282dd72898a39

SHA1
ba2e7dbb62fae5ca7231061077ae092729f6d0ad

SHA256
138852ebadf116feb4880fd97983d0e2aac142705c056a2ca9ea7c881dd7a565

SHA512
1e68645f17bb8ee1c3ed9bed77f1619b6b69ac90185ef8638b5cd83a453dbc04a192af05ecaa4ee61f3d8039b233bc338e074fc28f65717b63278d990d3fe01b

Download Submit
/data/data/com.mobiletool.appstore/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/data/com.mobiletool.appstore/app_crashrecord/1004

Filesize
512B

MD5
120c15a028e1411677ec8b8361ebe54a

SHA1
ac5c537e1fe35bee54f028e441e64367568144ee

SHA256
7555d4cc253c0968801f38a159bfa43160b3143467a809daa13f942105ee2da3

SHA512
cd1a605ce709590b8a83a604f7f07426a0d602ebc9a9eb76f3ecdabce008c1e6bbfab3dff75dbb0f518cb15ee1d844ee2941479daff621dba4a7cb535579e5d2

Download Submit
/data/data/com.mobiletool.appstore/app_crashrecord/1004

Filesize
512B

MD5
4ff9feea07afa1dc503b081c2412bc67

SHA1
545d7b874500416cc7e7e705bbdb0881efc4780d

SHA256
62dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c

SHA512
ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce

Download Submit
/data/data/com.mobiletool.appstore/databases/MessageStore.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
12KB

MD5
e59a37c08baa032a196afb8e46c244e1

SHA1
68a4c3fe9fd23d7866078e3084f9ce9a16a50af3

SHA256
e373ec47b9b9f68ae365f9b5dec83418ccb5c0d6838106375f8f12f452cf34eb

SHA512
37de459ca2e17c43ae57823a2bd330b1099b7e131636522bf8fe80788f67df1466aa98e3400d7edf3106c86159e5e466a010097d3cfb0e8fbcf78acb2ce6bfe2

Download Submit
/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
512B

MD5
c067bcdfff6ee8840d1a57834d9d84e6

SHA1
1d2fe376edc14add4faf319fe3244407861b416c

SHA256
5b2d35185985c37b787b7c31dafae5b855b3beb3423d623e34d5adb0a4598fd0

SHA512
3b24db60a59a01c9f922cf724d27939291d79160106d3135d53cbba590025a3c85ae4b2d0f1bb555ba468facad96f60055e7efd45a7b9ba935cb5bc780595e2d

Download Submit
/data/data/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
8KB

MD5
7ce7243f01094ed1510d5793d4113ac3

SHA1
58a13cafc8b829ce65d65a7248b65dadf4c40c74

SHA256
2278d2101503dd2d9d8d28fe2ffc411260b5dc7c2cb790ab7c95a8203d31fe5e

SHA512
b59ccab93bea91ff18d4ec1825368ad42dbce838db9a4104b49cb1452fd451754e2fcfa3683276232c79131a56b9eedda375dc12abb022aa6e252008f9212ee4

Download Submit
/data/data/com.mobiletool.appstore/databases/accs.db-journal

Filesize
512B

MD5
26274f3bc2ccbacbc6dc9c60ebf22b1d

SHA1
2f190bdfc5b090c88d2e4bd40e59adc934fc23c4

SHA256
b1405f21cf80ba4a71a199c2ae190dde9b68d771752e82121c6f752f35d9a537

SHA512
98aff8bdfd1718c1e23cf82e7da6ff4dcd1fff536ce4a6ffdfbd5641298b7a40268e2a83ee60ff788942b5ea84dba603755c80854855acd8a71300412fd51662

Download Submit
/data/data/com.mobiletool.appstore/databases/accs.db-journal

Filesize
8KB

MD5
da13f7b19237109cfbae4805a2408976

SHA1
287ea47eb8d069f045a4f61f4bb24985844dc763

SHA256
826062512abbfd91a4f45186c90023cc6b7c97e2a0c547c26a1bf6174b6c2278

SHA512
d18087c8b74cc94b52831593b4f1b45908c1d280f8e2169bc1fe81c512f23b602e03a31dcb1c54fde1929057596ffa9c2c8a35e716fe2c2991ef1fd84c5215d1

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_

Filesize
69KB

MD5
102bf09589e78abb368e79a7c9f4c8b2

SHA1
df05637a966d0e2898d0c8d767174d19994b35a8

SHA256
35187f9c025d7b9ae10b8951802059aaeda8feaa58ea66a045bb77c3ddf6db49

SHA512
ceeb7f84cebb4feb83dfefe5a105e869f184f16572890a8a0f7dbb22ed7351f3762c0b86d47baf0ac30cbadae06c3e72d65766a92064d7fa1d1593b5cb010c95

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_

Filesize
52KB

MD5
0cc4ef56f1a62f9a65ef7f2c121f6da2

SHA1
830fea9b323e5821dd88bc968b2200f66ebfa593

SHA256
f9b2964fc10d570423243e9b3599b52e68efc4687b5de7110fa395c274554981

SHA512
3ca4db83a0893ca0b69795dee6ac1e6170783dd7b363a9e762a63c632f8f5de18d2b12d507bf79b4f406ef0b23fb161dd8697889bbacce9c94506df52f50ec4c

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
512B

MD5
78813445a87ca73be8dfab46b81be36b

SHA1
0d8315c4ed1be06ea5d1b79c049d622c452269df

SHA256
7fdbd936ba8e4c013382162dfe0df08bbb6a12d7f9a23396d34cd1da115be839

SHA512
0787add27c96b5f8b0e8942cb45ecc530c82d10af37c61ff8e3fd2313ce251fd5be569a726033a848c8c4f846b84f928093d8b3eb9b0d43bfa047be5849aa100

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
0e8a3c3149e77a167bf75383dbf7f9b5

SHA1
134590b62fc5385436cea9366fb36550b0bea3cd

SHA256
79ea8bca4ee98810419626ca1531b58f7fbf00db5d1e8500a425279871c188ad

SHA512
aa2370e812db82c9c6503fc5393e2c5444947890a9925088fb74461f73f856de7028a14e51856e7eb8416345ed038712b1ef1b71a65250f9dd061d2df1d411db

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
4053dfffc7a7cc417ddc94eaea54ad0c

SHA1
2f612c862c3956629eb4fdf0678b0d95bedd83ec

SHA256
0247a880d96989a965a7163ef31317ee098761982b160132b1417b63ff3100a4

SHA512
017344a6f7ef8dbedcf3d83f2fa7bda4881e4431cf06234269695b5fd172dcc1f3c2b0b237b88be14217091a9f76de6eecadec178203dda16b673425d52bd305

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
a582bb26e504b475c259c211d561b73e

SHA1
02ae987dbc6ba4b8079b56499b996ca36c997adb

SHA256
c0e9cdd9ebffc6505f21715ad0c8b1b0cb2a7b6ba35e10ff6171ffbd13382013

SHA512
b350618860b5fb5340338b93072620595f3e7bf97590a124d0cbd1c1d01932a2f875a4ac7d2bb459eecdc63ec53e025f877e6497e86ae14732494ceab60ff91e

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
12KB

MD5
a8dd06fc18548e00524ce7f30504b6fe

SHA1
920c31108d163ba18a726a6ac4ab193f01611789

SHA256
55f0d8bd6f0d1d356a00991f766bcfb82c0d1314f0d15dd176f3023c2f9cf0d3

SHA512
708ce0c221001985984589b83b432151a9a6e3889269aac4157e0e44f2aebc8f43cecf773892f5e6ff86a58f786fbd440bc54166718905540ecb3cb844571301

Download Submit
/data/data/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
28KB

MD5
f1ae37c4d551b0a9161d0748db3648cc

SHA1
8258a388c07d88781b65c35e99891913f6906c58

SHA256
056e29c19d6ee96735239b8898a0b57e77296153616be615ff8ad78d44fa8d1a

SHA512
81e5647f5eba695ea14384ec1aab71718204ddb70b042675f2d8a5ca71766f0659818e2516e62cda16a219cbef3b4fd47e327673b937480bad4869d01f37bfd3

Download Submit
/data/data/com.mobiletool.appstore/databases/downloads_classic.db

Filesize
12KB

MD5
163b0e3f017becbc89b9d7f330b78f09

SHA1
1ef9cd8ac8655190468d0ccece0a4738634ab0f9

SHA256
cf01452c3b494692386f6c5faac340eb3eb894bd416391002d56645aa8a9ea36

SHA512
6a85a30d16fa58a4fbbb05d469778ee69ca79deaa74316ccb5be3ee07fdf78dde22e95db3edb1b88b18478e8747047445f85baaf9556b9a1e55d9a02a80baffd

Download Submit
/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

Filesize
512B

MD5
346d93002e4b4c425716afce2219ecad

SHA1
ae21d1ed419f2a22718f1a881674bce5c50acc6c

SHA256
ae03c0c6dee7f329e6bd10ab076e57236ecc521b497cc7705c7df7164925cdae

SHA512
ab339f69b109ad0346eb2fdb28340a7a7ce7b6d5245e6b25b8370e17d3905a1d6662dc0101760059bdaf3fd02696563a72cd1f53e58a2b187e1b170f6e546d32

Download Submit
/data/data/com.mobiletool.appstore/databases/downloads_classic.db-journal

Filesize
8KB

MD5
8d4b68b8c84521c1570f02d011594bf8

SHA1
628496a547c656dda75a906694074cdc1e1bd664

SHA256
942551170fe9412d3ff3883deaad0c1c7f06779c628f6a01186f5e98bde57fde

SHA512
f2d7f18d642f4015905e4a050065aaa0603d81a80010fe403c7d42364919e6fb70b15ea0d3dad743e85eb1ab67f07dd1835f6ff38afb0bf107f686383aaf37f8

Download Submit
/data/data/com.mobiletool.appstore/databases/message_accs_db

Filesize
36KB

MD5
50f3d63f4b9241e212be8ec20bf3e374

SHA1
10353f506f0aa9dfab398275482eb42da167232a

SHA256
be9049dfc1751c212273b6e4d07202e47cc7de289dd84d388a27675609056653

SHA512
dfc6dc641041edc77b5b77bda43ebbfd0eb6c0f4d55d05a7a914f77c58f2f465e8d29aa7e2c9773ec93a257154a6c779a6b165b8765a214aa154976887d8ff7c

Download Submit
/data/data/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
8KB

MD5
9ff708d3db2c1a645ac42121d47fb782

SHA1
e912995476b79c8d26e3d03bf4651a69d63a0536

SHA256
a8fa9a078e0660556a54bbff2f7ec562e9466af335d5873c8d6e6d072d76bcc6

SHA512
6db104a21670bfa43d577a9bfe55305213e89e780c20b7efbc799bc4659d0ba298bb00eebea491247aa73523b9da95bfcc0058a43879d7300721bb20124b7920

Download Submit
/data/data/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
8KB

MD5
9c0aa22a3aac91974745365060d8133d

SHA1
cdc3a5a66f6ebf2b59f1ab7c2560ca1448e3f5d9

SHA256
d31b0e5abec1339249b652abf1d2444403a7d230c692997bdac1dd2dbb245123

SHA512
785bd393075c3fd25aa92f7c827b3c41b0560d7ce92482833d094bec0334067925b88e58b3a64c2d02c68a024cdbb5836c3a475af5263f4b2425df007d370ef4

Download Submit
/data/data/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
52KB

MD5
5c9b47b7f381b43f14de91911c50c085

SHA1
e4da54a1668f5974e6a7eaee390cde7d36f3d6f7

SHA256
c4ded7dc726ddf1c17f61ebe28b2e0b0ffd26b3927649340972291465bc268e6

SHA512
a46fbdab5028d09f85545f85a312358ad92b6a3690dc3347fbe202b7e4395ca3f0410c18f446399739a8276a03ad3440b52d05bc615a4d967e837099334acbb7

Download Submit
/data/data/com.mobiletool.appstore/files/agoo.pid

Filesize
8KB

MD5
a25e0b0c24d9f9b1da2d5acf444939f9

SHA1
9b9e3f1c08892f3e816e9b13e50f4e70051a93f8

SHA256
50ed2ccdd9245b7c61922d86e59bddb080670fce5351caf70ab8e6cf6b8601c5

SHA512
6b55a00fdccf507d103053f0c1dfe5d466baeefda4aba1aeaab71cfd5566d65556c27c6ff90baf260c0b8f89b50454e7c707682821269a5cb2d77e0e9db6858c

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
111B

MD5
3df9074c99f5eb291f682f8374aea28b

SHA1
28878ce2786ab7d64f55c85f61d42e2eb819bd16

SHA256
9a09a719bc0da68e0292fdd34e3a96ab9ca6ab60978a11a1f955d4dc3bfbf0e0

SHA512
f46d6b2301be855752c12cbf0fe3d99b1dbaeccad1fbf68f80525b6265a92f024391b2c55546921859ed96606374e93659ce136b8bef7ce05491888aaddf0387

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
0734a5090d65532c2985851a5ab53df9

SHA1
3e287fb83b09d0d54bf7137aaac317b28069ec73

SHA256
62d527271fc9626309614f7f41db062fd5411042e604c1f4fe2635b9e31787c4

SHA512
15c20b8bcae9e6159a883651c901630aebf1b1834e1823f1c9485a3489f4ded77fc6e11464c85787445e43a04d085d15d834ffa265814e5378ae313acba0e3bc

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
111B

MD5
08f8847e5540efdbb31662a58bb45c25

SHA1
76bc1fc5aa98f822ada6d0beb279bb5519d8f4c9

SHA256
59d9dc1ea7f55bd0443c1d3eedc141d1224c35979271a47a7d4453452da788f7

SHA512
4d82685d35c622f71f898cb56fa76cb6ee8c3214e4b6de303ed86e6bd3d2658d6ff5d6dadabd50c8e94857d56bde95d447e6f950c9f4d27e98e6a0780e38bedd

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
8KB

MD5
58c1ece8568ae66385623acdd1d00107

SHA1
7e99bae22dc9205d223c7359b71dab9c8e16d78a

SHA256
78b37f2c98c5a4a5f526a6cfddc706a42bd27e2b75772a01b230874bb50d78b9

SHA512
2d320b318de5e98aa4eeb3bfa26fa82d3516612e4e43642e340009858eacae0369b90d6be07b5797dda2ea2bad99b72e4f0727e1159ee874bf7fd324dd35b877

Download Submit