4b8cab75dbb96d03e1db0e0d76288fdae0084be360f27f1cc89c936711946fe4

Analysis

max time kernel
2548183s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 16:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b8cab75dbb96d03e1db0e0d76288fdae0084be360f27f1cc89c936711946fe4.apk
Size

8.8MB
MD5

9b1c12e584163ad450993ef291c8304c
SHA1

a380cca6a6ce3f2bd02f118a19256ce09191b376
SHA256

4b8cab75dbb96d03e1db0e0d76288fdae0084be360f27f1cc89c936711946fe4
SHA512

88b18f761df6912d28af380113fca4d2c64471a8a7f519f47a167275ec8baec4171acf98b8d92e795dc94a7fd7582a2e177262c0b5ac363e00358942ecf655af
SSDEEP

196608:FyQj0kGjXZgg3+JH585ULq8VK90m8i2MD0LSrgDZwcd+W:Fvm+v85qq80n2KCy+wcdR

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.here.business:main

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.here.business:main

com.here.business:main
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.here.business/app_config/config

Filesize
73B

MD5
ff6dfb0a828a73d421c98cdaad328c3b

SHA1
f7b864eaebeaf601c893967cc18339096ba4d9e3

SHA256
1ae9b350b36baad49919aef4bb042133c73a535c2009f3427fea902323de4614

SHA512
aad16c2cbd55febcf1e710dba9b87b9eb9f71d1ad015917f3a01e2c5614ef0c06a45b290f931f791e426e61ee192e50ca2501f748abf55e579bd74d22def5a52

Download Submit
/data/user/0/com.here.business/databases/demaiFour.db-journal

Filesize
512B

MD5
e2f34a7ca69f67d2dc70c94b9086b804

SHA1
a7035681bf2fb0055074996edf7f929fcc840009

SHA256
9147c7d3308cea62273432fbb3a9bfde9ee51cfcb3c791e432c1a4f7ff92229d

SHA512
b3e11d821bc1b1e76fd140418c7122d8c4daf483ad0ab3ddc057bc050d80f4a09b42eb5b554273fe00f3dbbd61daf6d33a6597ffa640bf4455fb6d51b6ea325b

Download Submit
/data/user/0/com.here.business/databases/demaiFour.db-journal

Filesize
8KB

MD5
8a11218c13ac1adaf0c4f0288931cab8

SHA1
fe20591ce1dcc7382e55623361772e93fc8a86d7

SHA256
5dc5fc4f886683eb513e11ad7be88971e7a0af8add77ef94870b05b934d0e8d5

SHA512
c8c6425833540c195c5b855b123ef4165ba262accf4de5ea1baa9fc03203f2a41d42bd51118bca0c367183497765d0b12d9ac7f39f78243508c7150596b8dd11

Download Submit
/data/user/0/com.here.business/databases/demaiFour.db-journal

Filesize
8KB

MD5
002614215ec5645756cc3a97ea1d0251

SHA1
33542367a88fe7cf14de038a978bed13c343327d

SHA256
ab369e6ba71baa2743e3a366923cb707f571e2b1de7c423e6da12a4005e13b50

SHA512
81f24ddc8b3dae8fdada32956d0bb938c1b49d7118be0633ece8359971346f6f48b96c7d7d2e5d255a16f0ce15675e9ea3ee27778e9c37f5345aac14da9991fd

Download Submit
/data/user/0/com.here.business/databases/demaiOne.db

Filesize
12KB

MD5
d23d9798b6e21fdbc8dded760a6f2f05

SHA1
8829ac8140f4fa407fcf1c757760166ab8b89c2f

SHA256
d6afb8d5510464ee78fb0e47545322b07b280f1c724d1e9ebd96dc6c1487c476

SHA512
61bf36547a34a8f40edf3428a79dc29c8f7949a6c4c4d2b23cbc6763265b5924dcbeb1c3d77319dee7868cf90fd9a315763e754cba0d6a1f7f0d3ba45d39efb7

Download Submit
/data/user/0/com.here.business/databases/demaiOne.db-journal

Filesize
512B

MD5
837a49cfda4f0e5b9e640f85d8cd9da8

SHA1
f84b36518cfa037a19c4a9c38c2ed979858c9dc8

SHA256
81b62e28d3ebf6a8ae1ea9b649eb9227da054e9a62beef14ff7946f10f0714a4

SHA512
effe0de07c09c2dba1f84d52c8eb892804d98feabe0d374adbf788852c81824bcc2b7877f12fc2ca994de88eeb4a273c12bfbb074b55cbb8134a5059f71e9029

Download Submit
/data/user/0/com.here.business/databases/demaiOne.db-journal

Filesize
8KB

MD5
96f3782c4638b1934108d5cba47fae44

SHA1
4b16d684281a320a9145475d358442a515261720

SHA256
02ed253a3c29e75159c245ee763701bd4fd0f66119961a389326560489e69a9b

SHA512
d525ea3d2c93b5d8ca1e5fc0a54bdfec014101fcc01a8521657033571df6ad2bb5993d46662c92346acaebfaf5a594faf0ee6d49b59040cd061725d0580fefc7

Download Submit
/data/user/0/com.here.business/databases/demaiOne.db-journal

Filesize
4KB

MD5
9bc3a1d78650a0174aeeb12612036e41

SHA1
58083bd15578cdc2ad3304d0c76d312f1d0de5ba

SHA256
35f5f0f5e128f5f73ab0a0b9205cb7d3591893710a58202d132933b7b8581ca0

SHA512
b0518d97373b20ae67c152c6ea28b4bf4a2103c3edb099aa61062131eed71010a06afd22570a2b433883c629e6c445776497143d3ade4a9919a44ea019c006d4

Download Submit
/data/user/0/com.here.business/databases/demaiThree.db

Filesize
80KB

MD5
565eb054cbb13ca67b43bbb2b7ca2e7a

SHA1
5d9b07d675eb7e2b9c01c310de92aa309c2aeec4

SHA256
53ebcaca1d4dfc25cfc7d459de3fbf4479078dfa01911469657970785f329202

SHA512
6c06c978513084fff2b17725da3429c3f519c00fc8ea489131980a9a15feecd6477e4ff794a7c9d0b396bb83dab328b6ef0b961b367d5e8fc95329797a3b0383

Download Submit
/data/user/0/com.here.business/databases/demaiThree.db-journal

Filesize
512B

MD5
84cac65f7aae40956dcfbe81fd7ac5c8

SHA1
4d5357deb9ca2f8bf968b694c2dde267ada8c2f3

SHA256
d4f4901670e7b9556e9ccdb29756a223ae091ebc25480b3ecb43eb91cb5bc0a1

SHA512
a404e386c999571b4e72316bc9a8d760c97f1622c41dc9981d38264f03c90d296c97606b072ab2e8d82d7be572403dd7aa4b0c94d4098e9ecfc2ad151cd910ef

Download Submit
/data/user/0/com.here.business/databases/demaiThree.db-journal

Filesize
8KB

MD5
6c9f442f55e9ccdee59b57c7bb6c9ed9

SHA1
6e80b00b6a08392e5d58682b93a0d4b5c263733b

SHA256
e394be3f7fe28440a265b643e8f9f41ccb71290b9651c83ecdf42b5427e3953c

SHA512
1fa4f713e38e9fd583dceffc3b78f15e74ba936fa4e7dac9935ba22d41b77877ef328c269ce0ee70e4279a597f64aa0d35f018adfc0a42c6ebc774a4cbfc982b

Download Submit
/data/user/0/com.here.business/databases/demaiThree.db-journal

Filesize
8KB

MD5
b0039c331f99df1713f505095a31eb03

SHA1
c0e44a3fc2ae19b2c6067e79ce77603642e7f85f

SHA256
5aefa88a560cdde2e917225bfa41b2fb868858ac55137c0e9456f791dd7e23ec

SHA512
34e495410bd926be7a083fdfba12c532f387d60725739c6709122bccfb6920599818e8d2d88876adf9c7b578fe2e9406a564970518afb145a9c25e93f695e022

Download Submit
/data/user/0/com.here.business/databases/demaiTwo.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.here.business/databases/demaiTwo.db-journal

Filesize
8KB

MD5
27780994ede0a631b07e20e54015fcd9

SHA1
298f9d5c01d8c487014a57b0a67567d4a3787ddd

SHA256
e0fdb4dd14de5c5573c26676e2f60db5429016fb1313fb406afc6c8c6a487595

SHA512
6a5dd793804d2ae3998fd4e30fb10d8e8b6de647d493e9b76021ec8ca1343968abbd464df06acdfb8501f9cec28f96c821b400f88c98c433be7ca6b5ffe7878b

Download Submit
/data/user/0/com.here.business/databases/demaiTwo.db-journal

Filesize
8KB

MD5
4247fb9857c8ac123726736d55b872de

SHA1
f29789f73d029002206b7d198cd96e012c3d920a

SHA256
3b3d0924ec22e99f00e8f3426c762ea7e0b4740b31d82b7a33fc009114e90c97

SHA512
a15fae2adca4db0831f64faa595f10f4ecfeaf9900ef9b721ceab0cc23eabd9a8b9fa093dcf97c56ac89d91866fcedd6e3d65450f511e51beae18cdc63788dd3

Download Submit
/data/user/0/com.here.business/databases/demaiTwo.db-journal

Filesize
512B

MD5
f55d77949d4bab47124afaaf6cf7503e

SHA1
b14c719e17d9deb32c2fb6a8808525ad97e5d333

SHA256
7b0b2913064f58b994a2cf7d868b6e9bad94053f9f2e75983d3a5275589c5d32

SHA512
389c728a3c77155e5cafecf939e5d9a594fe6f3b1424483d4207525a68a39a1bb4dd9e3d36be8fbda6deca2136dfe2037517b73910d726decd9953b9ec53cf93

Download Submit
/storage/emulated/0/Android/data/com.here.business/cache/locationCache/journal.tmp (deleted)

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/Android/data/com.here.business/files/carrierdata/1703355197

Filesize
379B

MD5
bd4638f40e80b5d1b3dabe3667ac6989

SHA1
ba04360571a7411ca5d30afcbced90a724d332fe

SHA256
ec839c546340e8bd340f77c4f567ad6fd01d85ab2682af69d41e826c832887f0

SHA512
379f9d8319d12c6117f6d9121b7ee7c5d81af51580ff9dc3cdaa501ef9b27693f737a8de52d3a3c4a1599502f85fc2533b974409cee61ac40a5fa32d140fe103

Download Submit
/storage/emulated/0/demai/DiskLruCache/journal.tmp

Filesize
33B

MD5
db57cec3040a80df462f78319e3350aa

SHA1
1dadb59525ff1c0832c5b041113864834d0c8c5c

SHA256
b1afaa915365b28c59afd4d21d1473f1b7f6918ed4981348e48999414282ce03

SHA512
fa6e39d79dd999662ac5704fd2aa7fc6bed731b0179e8b0c33264b7f9d07e90ba5125df7fb6f2e5ad413452bc4e44d57c0d91231dd5e554d15cdabef189ea0ed

Download Submit
/storage/emulated/0/demai/DiskLruCache/use_long_time_key.0.tmp

Filesize
48B

MD5
68c7a0882ad43480828f851f650a56d8

SHA1
f6b257f24126960df79c0fee3586956936de0aa3

SHA256
3016031a8f616d4d8252d7636804fb46a5ed9d745498f231a29d84a80fc66722

SHA512
c6b8907b65d5c1dac9132f662e642aba495c969df383bdedb42132d2917ec962c580845a85c8b0ebaf2d3655f9da1d456b5c2a778d9db7f084d70e9230aaa023

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads