Analysis
-
max time kernel
2561723s
-
max time network
155s
-
platform
android_x86
-
resource
android-x86-arm-20231215-en
-
resource tags
android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system
-
submitted
23-12-2023 16:37
Behavioral task
behavioral1
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
-
Size
9.0MB
-
MD5
237edcb259907eadba2bf3e3367faaec
-
SHA1
0500812154f98784d127f7fe4279e0f6a0afa1b2
-
SHA256
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6
-
SHA512
1c27c5c305c9a9691b037fe4182d7c903c2afcc904a9b12a9a872617c9316a862d1a759cb6ffda347ecbc4ff82b5f4e9f07d4280b32c5cfeae55d10ef2b81488
-
SSDEEP
196608:RSEwEmhf7vgcszqU3pAeGY1UBWzmlY1LasfMbT4O6dhiU1rrsOMgXj9:RX+ocSqU3pAeFEg8QfMsdhtrsXA
Malware Config
Signatures
-
Requests cell location (2 IoCs)
Uses Android APIs to get current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.ziba.tazyinekeik
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.ziba.tazyinekeik
-
Checks Android system properties for emulator presence (1 IoC)
description | ioc | Process
Accessed system property | key: ro.product.model | ir.ziba.tazyinekeik
-
Loads dropped Dex/Jar (1 IoC)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar | 4260 | ir.ziba.tazyinekeik
-
Acquires the wake lock (1 IoC)
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.ziba.tazyinekeik
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) (1 IoC)
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.ziba.tazyinekeik
Downloads
-
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5a78ad7d-4485-4e1e-8afc-650d49ecad12.jobs
Filesize: 179B
-
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/5bc55d90-fd91-4ef6-be19-6e42c84a85dc.jobs
Filesize: 278B
-
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/c7c45598-32f5-4436-83c7-967386ca78db.jobs
Filesize: 176B