4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47

Analysis

max time kernel
2547382s
max time network
174s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
23-12-2023 16:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47.apk
Size

9.1MB
MD5

1b4a3bb8efd5b25a718aeb3e5e1c5813
SHA1

f2e1cc6142cf1e9cc6a45ec16d9f40f282ad7db7
SHA256

4b20ec021b37d0e2874e306d188dea4bb914406dc8d054680c975904a3d40f47
SHA512

b6d03f4addcedc44923f89517252778de363bdd09b3d88a4564781b9b2ade0767cdcba775a995b83be5f9002b14ed665379c638a48a18da9baf5807ec7412cbe
SSDEEP

196608:lxEguUTAG8cLy14vaRCcj8FN1LV1YsRiYuVAtN8pc7Z:l6L3lIgCDjZ1dRiYuStN8pc7Z

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 2 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	cm.aptoidetv.pt
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	cm.aptoidetv.pt:filedownloader

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoidetv.pt
Framework API call	javax.crypto.Cipher.doFinal	cm.aptoidetv.pt:filedownloader

cm.aptoidetv.pt
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4287

cm.aptoidetv.pt:filedownloader
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4371

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/cm.aptoidetv.pt/databases/filedownloader.db

Filesize
24KB

MD5
16fb73d12ecd05d7d5f6a8747fcb1be4

SHA1
375631e24393af7699cf1c5f5c2614d2f0da46e0

SHA256
e448cd0e14352e1b2339e861beea0e753e7807c5c34003175101d0df627de68c

SHA512
725c8cfd27b98c9f91fb7729fedadaed6767d1416e8a78564859d099c07e67e86b6062a422e352e7d2aa083c2e739bfd5ef3ba82771903d8ba3f69f4e7962d01

Download Submit
/data/user/0/cm.aptoidetv.pt/databases/filedownloader.db-journal

Filesize
8KB

MD5
b8665bc51f811fc0cc18e43196f8d567

SHA1
232e8623400f21e20f2165ad3319e88403261ed1

SHA256
4f4f0896000d463d7ff83d9c33bf71355a991426ab0e5701e3a19b24e2d59afc

SHA512
8c8e8b7b18c785c7dda02850144abb6f4904e89546b33fb2d14eb76894a273650e4422e6ac1b8687047752ca089645ab4b8f243e199b2548b851ea666563cd30

Download Submit
/data/user/0/cm.aptoidetv.pt/databases/filedownloader.db-journal

Filesize
8KB

MD5
4c1dcd6461d1de95b0cb894c824aed7e

SHA1
7d3f292b7f8b6e036bbe053fc14c72c473311283

SHA256
7a24e64e462dc5795efc0798ec402dff046b515c7174dbf4b06185ccff17d7f1

SHA512
6eaf01f93270583b485724a86e30cf32700d9ffad093a60048a178ae3c2e2586f27cd7f2d7c93e53f893e86efe72ec10699162509d07f8c42e2dc7b3bd5483be

Download Submit
/data/user/0/cm.aptoidetv.pt/databases/filedownloader.db-journal

Filesize
1KB

MD5
79f57a35486310266b1cb91c10045dd9

SHA1
b06c265a99021308dfa350bb3fa6c67381754052

SHA256
3e96c2754f3b6588b8226d432c7e6cfe65941ba502d62dfe6397f88e2875894c

SHA512
0f29ef53473f515a4fdfb1744abf399dfeb1b0fd213bf386fcd8fe2ac48ffc65eda1280f8a20510389175c1a027f68eed1974fe05c0b26153886e2f8762f54ef

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE1039A-0001-10BF-78FCFABA5944BeginSession.cls_temp

Filesize
79B

MD5
a48479140c7814bf0eef2e317a631afb

SHA1
6b2aac243751a55b8d70ef2fee5348f8715642e5

SHA256
65a8ce8d706afcaaf8800e34f22c892ae8d26072f688557170fd07364b92ae31

SHA512
a5fa4642d0a643473b10c245de933411b8a616d3dcab47e45d218d6c609d181dcfe6346bb8b73c49c7c5d07f58b2446ae395e22d9d11264874f9bed7210a816b

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE1039A-0001-10BF-78FCFABA5944SessionApp.cls_temp

Filesize
98B

MD5
29e0342be41c73b97e9d4e52f76b1858

SHA1
4b92afaeeb38d8988e2e12757913531342e36eb3

SHA256
ea5cb5819b1c63aeaec5c5502a2d50cf90ecfeb904a0ee5ac38687ca1f26c529

SHA512
8b25f03a160e25a1c7943045f9c1d0a5230ae8c9be1d6a19f8db8eeff153d092adfb2786328d1dadede4963a481e9bb48b012e55f86f057029540a1615bfd7ce

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE1039A-0001-10BF-78FCFABA5944SessionDevice.cls_temp

Filesize
131B

MD5
c0b4efc1fc7c5a8cf897c28dcf1361a4

SHA1
f6c5ccc6888ed9d660f3041e96eaf1c138bd9e13

SHA256
2ca8c545682ff8e55bbc26cbc852f592f8e3481b1827e88a38ae81e4d1875cc9

SHA512
1ebf0f19106e8336ae03da7b3a179c63e9430a0b0df3ddd48cec3d793efc00d5f6624a938a24579abf34e9d3eb9a311084e8c831ff45a0d766fd8b88b856bcb8

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE1039A-0001-10BF-78FCFABA5944SessionOS.cls_temp

Filesize
15B

MD5
f8b3ebea29c91d82f009e5a9c6d11060

SHA1
99d88c4b39d9143084e777b93d9692a59a3d087d

SHA256
b7869422f5dcf3f24ae91560cec05ebb39852ed45baf3a31176f9b90de87aafe

SHA512
6f89bfe6bc1c0a68bca73ef92c53e1a308fd63f2228a25a6e34d117fc5cd253209eed56fe08f51d5643343a152acfdbfbb1c5dcea224e2750aed46074af369de

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE40160-0001-1113-78FCFABA5944BeginSession.cls_temp

Filesize
79B

MD5
cf21c8b4df7599a2bc893ddd43e4a972

SHA1
acd760aeba309d6a13d14b3b4740d63ffd6049ce

SHA256
0286a4e35a0abf4abc0253cc0e5332a25fa75751fbccdef4837cbae505eeb691

SHA512
8e2fa64536fb196088cb7824b5752129d43c54581f02996f12b9bfa9c55699d7af89993fe4c80044d6bcf913f7d53ddc51fec60375b680b45ed4dcc0859c5df0

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65871FE40160-0001-1113-78FCFABA5944keys.meta

Filesize
38B

MD5
8087bdd0d3cc8210ef04b974b0ce65a4

SHA1
eb64b18a5284a8932b2e1ee8252c9aa2fec67b4e

SHA256
9defc29aa8cd1a6a8d7cf19a81c8d04135f1e4555083c4c896e1c354a052b899

SHA512
7052fed303feda32c5a1679702139f30afaa441d2bd5ad0195e952a23ab4a69a401f798b28c9e7cabadeb288351cdd4aef1d3908a4c3050fb6292e0f9a309c8b

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
524B

MD5
218025908af2e50b4a71651c80f6d800

SHA1
a3d977133800f1d90ecb3d4fe7c1cf0da1640220

SHA256
489c8c16b764b3d533aa2f39bb5650169d4c8f78d0fd61c07ba6aa08623d2db8

SHA512
6316638fd58268a2865f77ec282a74fcdfff28521fb5edc7c5c1596de26767a8c5a9b278797f8936e9c91c5bbb6cc755bef061e836f9448794c5214ea2e5d0b9

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
d7f1e1a068ae2217e07f0cf508c72615

SHA1
a5f9611cbc3b768934d322647ccbde6b1ad10436

SHA256
ea4ee2378c34d0e54b5e7f742e5fc12247722c56ab7b24214ac3264cc3bf0c71

SHA512
289fb1e337ef988d4a93432a6ad9f3c1d2532b3c604839c2f78fd53d847fce21e0c3b97897e2f6cdd96ec39324176a3362ac02430ef0516ffedf851fe3a9dda6

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_37fa46a6-7b5a-492d-a1d1-f810d0385d98_1703354341380.tap

Filesize
404B

MD5
f4a23570c48ff64d875ca75aaaaa6ade

SHA1
5cc2b6d2f4a1cdfff667077c3ca99225aff4a381

SHA256
c36c5d8d544eb6e2f6ecaef84b40d2af06d20c67e0a444bcf2f33aaf4ab4e6c6

SHA512
8669b4694e99379fc1e5f648475654ebf9fcbab2cb19f6af5699812b4c092337ecd7b06125e0837b3a7f9ea84e6a75a825c1048ea8a011309b3a132efe25c75c

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.YFlurrySenderIndex.info.AnalyticsData_S5CXZ26VVW4PP9C52WQS_229

Filesize
88B

MD5
b694eb014ba24c5eab5a33b14c210530

SHA1
3970e35ef3a57552edd83c2797ec372dbfbb20cc

SHA256
8aa6d07c3c4a6d54934e8d45646cf979fe9d41bce853f18a300088d5ab15dc4a

SHA512
965117d7bc3333f123172fd98e732a63ab5f86803516662e4afc8a26fc50cdb222e7399eb3fd2fe9a5406c6e41a5492f1fd36ab7d7d671d59e81580a51ada737

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.YFlurrySenderIndex.info.AnalyticsMain

Filesize
72B

MD5
05d15d5c9e741e85210e7579cb47db4a

SHA1
c78bb7c45ff612f0ed6399f993ce0ea2fa7c8cc5

SHA256
d7671679784471964c5ac45f846322a640593e3ffdcce8ddde5132b0633e0b7c

SHA512
ad15a3308edaaadea4e48c00c9d998511fb8215fb6c2b1ac333d71647091435505dbf7a25895c83314d153684ccd48bb550d743d17de37fc785e4b6677fbf8fb

Download Submit
/data/user/0/cm.aptoidetv.pt/files/.yflurrydatasenderblock.738ddf20-4f86-4290-b0d3-b51121db91ff

Filesize
301B

MD5
a2fcfbd8e56743f2d793626786b2e0d3

SHA1
8144fd4fdb0582ea17f0de1875ebb616e9bc3f2d

SHA256
5d3725a6394bf412c4acc8fba87f2198e45060b632ad57b7ca5edb7404d2aad1

SHA512
30cfea1775ce4e6ad3a748b59130f04b652c5772fab1852397cb215b57bf0c0163ee5e658326e6c522283c16bc2707983882515de85e9dd9325679b926d744e8

Download Submit
/data/user/0/cm.aptoidetv.pt/files/default.realm

Filesize
24B

MD5
a6574431b943e0bf47642c666f3fbbe7

SHA1
79191cabd86accd903f27c523c95ef19933c64d1

SHA256
60692d3a39b5fa2c7ea60c7be7014c2069f7c0a3fedafa269addd8143ec15f6d

SHA512
c438e1cda3bce0de04a34e3f53f17f7cdd235e80c656c31e43a21b37e77dfd90de14c17a5c6719b84a14899ff41107a75790b35306c7ecb1674d6f60de9bbbef

Download Submit
/data/user/0/cm.aptoidetv.pt/files/default.realm.lock

Filesize
1KB

MD5
ecd770cd2b14c7658695c3efd2765c02

SHA1
efcc9b5ecee065b4e92da097a9630c8234ad0711

SHA256
24526b19e09cb6b2c91ea4ed6b268eee380ae950de0c99ef50f691f101407668

SHA512
016e2f1e3f5d0c18d57cbf7539e1e870043d02e6f4fd599ee53d73025e9506738ef04b8a507d5133a3eddc3e1b72a2c080b8e349f29361e6f6d477156668b801

Download Submit