4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47

Analysis

max time kernel
2555663s
max time network
158s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23-12-2023 16:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47.apk
Size

9.1MB
MD5

1b4a3bb8efd5b25a718aeb3e5e1c5813
SHA1

f2e1cc6142cf1e9cc6a45ec16d9f40f282ad7db7
SHA256

4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47
SHA512

b6d03f4addcedc44923f89517252778de363bdd09b3d88a4564781b9b2ade0767cdcba775a995b83be5f9002b14ed665379c638a48a18da9baf5807ec7412cbe
SSDEEP

196608:lxEguUTAG8cLy14vaRCcj8FN1LV1YsRiYuVAtN8pc7Z:l6L3lIgCDjZ1dRiYuStN8pc7Z

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 2 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	cm.aptoidetv.pt
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	cm.aptoidetv.pt:filedownloader

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoidetv.pt
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoidetv.pt:filedownloader

cm.aptoidetv.pt
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4273

cm.aptoidetv.pt:filedownloader
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4339

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/cm.aptoidetv.pt/cache/http-cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/cm.aptoidetv.pt/databases/filedownloader.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/cm.aptoidetv.pt/databases/filedownloader.db-journal

Filesize
512B

MD5
a93a2dd4d8b028e9c301af9c6e15e635

SHA1
959d5e5e4be288e36d1c594e859f511f399a00d6

SHA256
00ced6e57827cefe673dc1d3e6b701d6145d469521c6c516f318f5e2d6700ae8

SHA512
550ce99a45cd91d9dde955486e1f2292f79e9b5034d698b930b54511c76bdf392e1328b0063b47d7ade80f5383d9a2fdf937c71e424ba0ce40215116ac03574a

Download Submit
/data/data/cm.aptoidetv.pt/databases/filedownloader.db-shm

Filesize
28KB

MD5
05b52a71de50b84d2acba3cf2adca83e

SHA1
db19bfd4883f967d9571f47b37d2f09e96917ca7

SHA256
a961f4e1c3338c207e5d5e13985f7ea6a75451a0f4648516d842286efb191227

SHA512
1ff0cb1dc891200e14d07af06018009904e0f6e73e6868ce10ee0a9cb1dd5e5f11a2c25c00b12b375dab4f08f9007b7966af16933e39fa062aefaffe9f5f14f9

Download Submit
/data/data/cm.aptoidetv.pt/databases/filedownloader.db-wal

Filesize
36KB

MD5
2005fa7996d4f1b44088a7d2e809c502

SHA1
6add385c5d05e1825c63338775909c6cb9e86777

SHA256
43e05af37ee46c6905e157bca0098299debcb019f92408c4218703ab80a15b27

SHA512
18fab961d6a3ce59c2ac8f429e7788f8a39a0add34ce5354b1fdcc5fdafd196ae799dda691ed890df179b44ca2775d5729bb556517204ac0ba2dc413f57cede4

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6587403B038F-0001-10B1-2E4CC1DE0613SessionApp.cls_temp

Filesize
98B

MD5
3ed87187d0d04b665306d9109f432d84

SHA1
5520a89f324e26811c8e9c6f3ffc776423c605fb

SHA256
338d28baee5145238465e2b1c951c80108baf266177a218f2e2362a31bf8067d

SHA512
02ecd2d406d5b6f4b19903de8c4bf4e0facf9605245745806fb586a25c09c20bc52e67ce9b6befd4f488270a7b705d9e51d4cf465461261c0e35bfa423ea9e2d

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6587403B038F-0001-10B1-2E4CC1DE0613SessionDevice.cls_temp

Filesize
131B

MD5
5cb889bc471ad58ecf2bb84a6cca755c

SHA1
7d7f21918396601fa4359f9c9bf727bc1bf17207

SHA256
816e86db5c880c6edf0c8fa7166fe3703b6d9d4947f0a531aa1f1e56fea4607e

SHA512
2337c2c573b4ca682869595642c487c09b0890de62eb251e5518bde6160c4376fe4927b29d400761850901d56c541f1f93d656c7bde11fca57a61669e20b085d

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6587403B038F-0001-10B1-2E4CC1DE0613SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6587403D033A-0001-10F3-2E4CC1DE0613BeginSession.cls_temp

Filesize
79B

MD5
2f1fb912f8b3f1d9d4bf256ba0974c18

SHA1
6d4d2945d7827fc77288bd2e920a9ff4d8d0735e

SHA256
a2f00f7227c4bc681d825ea02501546a5520468c88ecaebc5760a4daf1c9e4b8

SHA512
3f485242796b5a1ca52d0ca93d279640897ebfcb32008dedd9a33d43cdcc9815c30cd96ce4cff1a2c5ce7aa329517876ce8ffbae4d143780f5288b75d7c5c0b1

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6587403D033A-0001-10F3-2E4CC1DE0613keys.meta

Filesize
38B

MD5
8087bdd0d3cc8210ef04b974b0ce65a4

SHA1
eb64b18a5284a8932b2e1ee8252c9aa2fec67b4e

SHA256
9defc29aa8cd1a6a8d7cf19a81c8d04135f1e4555083c4c896e1c354a052b899

SHA512
7052fed303feda32c5a1679702139f30afaa441d2bd5ad0195e952a23ab4a69a401f798b28c9e7cabadeb288351cdd4aef1d3908a4c3050fb6292e0f9a309c8b

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
522B

MD5
3fedfe7ed8fd628e9ed4c8a4d54c29c2

SHA1
b2a9db0aedd8ec89f84b2db6084fc238a99a96d9

SHA256
f5469850c188fd60490600cdab28fab5e6af997e529d62e6569d3989d958c84b

SHA512
1c9af55ba7fce7a493a80f5b71e16bef38f68e91c13a1dd09c76fec04b36f267fdcafec624d3e5a5231052b7bfa68ead7cb0d7b92cdedb2642827946cca6822f

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
830a8cca645491f87c7203e68475571b

SHA1
02670678b30a159d9663133c70ff1707048ce67f

SHA256
ee211225db9a99ae367d55b31074faab96fc80ff169a8e3d23f077b8977e094e

SHA512
4162c68b52dc1bafd056ce945b609298c4ab936f7add20cc62bc732f87c836253d84a8f6b52156a2207a28942c1973982d6c5cbc96313b43fe5e06e98687e600

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_c8dba214-9855-40f6-92a9-9a13645d3e4a_1703362622705.tap

Filesize
402B

MD5
81abb79e11b7ac15daeab9469b2b1d80

SHA1
f2a7a75b54f896ed994cbce9f702b1e2cf28ee10

SHA256
2ac4e38205bd543715e6417e8fe92a96cd0a197ae24e6f0d3501551c4d8faf38

SHA512
10b51751768a7362f78d09630771832e9be35dafb8dd78f5e276640cd1544ac432903e31965a95d73d22dd7c7d9c21a57b3489401df8697e58a102f5f543c213

Download Submit
/data/data/cm.aptoidetv.pt/files/.YFlurrySenderIndex.info.AnalyticsData_S5CXZ26VVW4PP9C52WQS_229

Filesize
88B

MD5
b009fc5943cacb4b18344ec3b38facb6

SHA1
8577f1c7971664641ea5cb2c06080750ca912e7e

SHA256
e5f54f3883adef33cfa48f41c236d1af975a95e28a8245c463b92834c36ee9f5

SHA512
f9d978fcf2f4a0f34144bdb0b78919dff8035292e925fe020431bfd7dc960252568a2fd6828169c0dbe651bce18f4051d4c01e9288cac4fee47d6560344b8298

Download Submit
/data/data/cm.aptoidetv.pt/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
05d15d5c9e741e85210e7579cb47db4a

SHA1
c78bb7c45ff612f0ed6399f993ce0ea2fa7c8cc5

SHA256
d7671679784471964c5ac45f846322a640593e3ffdcce8ddde5132b0633e0b7c

SHA512
ad15a3308edaaadea4e48c00c9d998511fb8215fb6c2b1ac333d71647091435505dbf7a25895c83314d153684ccd48bb550d743d17de37fc785e4b6677fbf8fb

Download Submit
/data/data/cm.aptoidetv.pt/files/.yflurrydatasenderblock.65700a2e-5f82-4cbb-95fe-49dd0d9a736b

Filesize
305B

MD5
5f2de2c07416cd8ce881afa3b2d084ce

SHA1
cb4ac1335dc2c686721a5a07b079e17b9cdb4e07

SHA256
3545038f713d18302e7d1321109742d00dc5301f91851ae420974130e2b8b035

SHA512
8d6835ec1b8c0c0f2029935130814c567cf628146e403b401191fead31701c9cf31a7de416def408d1b2b37b7fe85e5cd20a8e197e61902ce960b0986e3828a3

Download Submit
/data/data/cm.aptoidetv.pt/files/default.realm

Filesize
24B

MD5
a6574431b943e0bf47642c666f3fbbe7

SHA1
79191cabd86accd903f27c523c95ef19933c64d1

SHA256
60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

SHA512
c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

Download Submit
/data/data/cm.aptoidetv.pt/files/default.realm.lock

Filesize
1KB

MD5
a65194ed3bebbf0025723d9cf0501dd2

SHA1
c49046ea64fef2048ec09427e9208617c7224cc7

SHA256
fd9d4474451dab9b7fd75ec1a8b263ae8a125b4a200e069d83e60f8e21fb9470

SHA512
53de43a422adbc2190ab9f720633112ddaba07f2abe190b7e2f02706a24c6d78680e6903dedee3c6a80b05192d894975f35ee620f01ae27f652b6cfca1892553

Download Submit