Analysis
-
max time kernel
2549604s -
max time network
164s -
platform
android_x64 -
resource
android-x64-20231215-en -
resource tags
android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system -
submitted
23-12-2023 16:37
Behavioral task
behavioral1
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6.apk
-
Size
9.0MB
-
MD5
237edcb259907eadba2bf3e3367faaec
-
SHA1
0500812154f98784d127f7fe4279e0f6a0afa1b2
-
SHA256
4cab76eca2421764732450a3d28c927865e63b1c1b0d099bbd6f6dc396c938a6
-
SHA512
1c27c5c305c9a9691b037fe4182d7c903c2afcc904a9b12a9a872617c9316a862d1a759cb6ffda347ecbc4ff82b5f4e9f07d4280b32c5cfeae55d10ef2b81488
-
SSDEEP
196608:RSEwEmhf7vgcszqU3pAeGY1UBWzmlY1LasfMbT4O6dhiU1rrsOMgXj9:RX+ocSqU3pAeFEg8QfMsdhtrsXA
Malware Config
Signatures
-
Requests cell location 2 IoCs
Uses Android APIs to get the current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.ziba.tazyinekeik
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.ziba.tazyinekeik
-
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/ir.ziba.tazyinekeik/cache/1582435991586.jar | 4958 | ir.ziba.tazyinekeik
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.ziba.tazyinekeik
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
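description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.ziba.tazyinekeik
Note: javax.crypto.Cipher.doFinal is also called routinely by benign apps (for example for TLS or local storage encryption), so this signature is supporting evidence only and should be weighed together with the other behaviours listed above.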
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/1f1923d2-1152-491f-b7cb-e12c33090c6a.jobs
Filesize: 179B
MD5: ac58f99a1b179d71e8621412ad31c6a1
SHA1: b51fdad95876f5615735c2ab411031ff67d5e946
SHA256: 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512: faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b
-
/data/data/ir.ziba.tazyinekeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/da7b72c0-a528-4824-aa03-1d1adcfe793a.jobs
Filesize: 176B
MD5: f56f328eea1d5c96a1b96dbbf59488df
SHA1: 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256: 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512: 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb
-
Filesize
9KB
MD5e8e0527a01aefdb89afd2c508f131da1
SHA1f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34
-
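Filesize: 4B
MD5: 098f6bcd4621d373cade4e832627b4f6
SHA1: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA256: 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512: ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
Note: these four digests are the standard hashes of the 4-byte ASCII string "test", so a match on them identifies that common content rather than this sample; they should not be used as indicators on their own.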
-
Filesize
24KB
MD5abe9fa56c177c65db8c072e6d81fc41c
SHA1abe9e9bb6f7294324f549af4435f58578ae69f2f
SHA25653f09b897033e2496e13f3c6e8d14ec1d1f7b273c2b4d47dacc569594fef0f8a
SHA512bb1b70eb859448050dd71822652d1976456be07c098ab41f2f75fa277cde059aff0c45629564170ee07028b85d501cc941529ab06753e5be2e710692bfa3922a
-
Filesize
512B
MD59a5be5e2ce75f953c110ce459d505f2b
SHA197238a9b9e75f127fa0890de52524bbf313c9f41
SHA2562338da19d4e51006047851717d31093784895ff6ba22761541594dee9935186e
SHA51292c4111b3ca633f18e516be7273785221615ec688cb7d8573d107a1f0f151e3f414b7dcd1ce4a4da1212960e87b86066a6fc9e8373688fac7b72e7a1cafa31d4
-
Filesize
8KB
MD5b593883a38b8ddb46ea6bd17be6bdaa5
SHA13d5d934c7cbb89fbe41df9cd092a28f3bd603175
SHA256b286cd80e2a70ec0fb191232d671af4159be0d60ef793257ed138b69379dc8c1
SHA5125f980831d640a118a798f766aa63c667ec9145b7c0984ecf5e1c20cb9994882a000f96f1e82a4092a5242a508bcbdb2a660e5e0da461319b11ba8bc710b398d7
-
Filesize
8KB
MD58d53694c5c67a6bfde76656cd31178d5
SHA1dd0836ae34ec2f444d8fa3d2c423005193a1a67c
SHA2565c0065c8123b54ab6d284f795771e0fbafd0f5b59a513aeed776e5ec105066d3
SHA512e79ca99190e735e031d751dc4b996b14edb98b9924a7faf6c7863b9e05cdb88d9d71182a958e32c4ed4d87857cfb1707966f8d9815eb5b79244008a5be493fa8
-
Filesize
8KB
MD52b87024c384eeefb21c3f463f03459cd
SHA1b4a6ba1be03fadcb2db20813b8bfd991d517d89d
SHA2560805192787287e3417624430c1271a523057a635ac3ec9089ebd9fdefc87cc52
SHA512a0f0c134a9981557f67a7a667e3bfe0256272588613c420e9ab62f205f502f752fad96ccd4e1bbfa2627bd87626e5282142abbd87e7a3a433c08afe7e0126a7c
-
Filesize
8KB
MD59ce8721dd2f15c63e63f1333690b16a0
SHA10abb40d79c4caf4d467940b47168d0c42438ece2
SHA25691b91baad077ea7136500c8d1a6f0f14e77a631fe210f4310ddacbb7dd40fd5e
SHA512dadb0d298f83ea64253135e4f953e2de410f7c30489b91263881b20d9dafcfe3f4351bc4a441e778bf8a665a25540175ed3eebe3658cefbcddbedc86d166f5a9
-
Filesize
24KB
MD5259a1e4e7ebc4b0d0341ffcf0c3bc2ea
SHA19b8da5a0b24833a3e84567d9d8ee0d2f54d7b48c
SHA2564f4987ac3d84abad3490459fa7a32b7bfadaae5f329e15dcff36e07d34faaeb1
SHA512dc1296e2b0b18dd83a3782acb700e155ea9a60ef193bfa8c98999e7cc3c5b73a97c20a974cc956ab438aeeba812ec2d2f401fb2e714bb9bb5fb421fa4b7a2313
-
Filesize
512B
MD598482ebe94fe4349934477b3325e7955
SHA17217a32b6172f47ebb2b6b4b447d3b96dfe7f9c6
SHA2562c53ef8fac0e99c77b350256affb8b7d80388fcbd26911057157cfade60834e0
SHA512c1e709ae09650579c914e9159ebb830ff0aa703859df363143e05cf93f6bf5ca523cd7c3d588887f7c7486bf38dbbb571e8dc03da4003cb4ec0ab6bb237cf51d
-
Filesize
8KB
MD506e89ff7ae145acc4ff6f9fd86a867b8
SHA1fd95be16caf2ab99599450c7787bdb26c007afbc
SHA25664276bdf255e0ff5a70af8ca2276b2caffe96d86d1cb76ca5e73acdb75a71e20
SHA512aa5e140239af5f8587e56fbf2c1727ad4b30dbfda7c6a69447011d92cf8126ae53ab29a1c039586187d3f6964c17bfded1102cd3881e8b562b2ccfae842282c7
-
Filesize
8KB
MD5ce6e3ac4aa887b2ea681c3e55e735849
SHA120c54bca337a63e24cda6ff8f9c1b6357a4c9751
SHA256f4fa6605f5d5b53f97592962097571eab1952aaf87e90863582036009ef63458
SHA512441946cd14481e9bc6c443cee6ba1ea10411e57d2333c1e28e90168074877524b08a2c2fcb78f02fbfebbbc644f66df8102938c2111f2182b9cee87626fecfe5
-
Filesize
8KB
MD5f9e4391e61df5d782f2a36edb3ab63b6
SHA1dc970343ca69c2a193c55898346d12fbbd926d63
SHA256faeeba264b47b2d0c1a7dbc5026ba1b1d11649a56da11e445b04df717f864336
SHA51293f1ec462bf049489fb8865d7d1ed06210f3f06e938e1724957f13a57cfacb614f02fde4a61c8460b6dec9d454491e97782347e7890b01e84eb3326edae4342f
-
Filesize
28KB
MD534b48ef784c6d9d3c7d10336840754e1
SHA182f7faaf217b515fd98ea481aaf5c2bb451d0573
SHA256344c731c20a2a54f371b714e96a983b6ca82df142a6c2d623c7f781cbbd14ba3
SHA5129157ca3d54204e87a9ec24bd55205fb10712914cd4997959e98f04ceece124080a0cd1dc8041adf809d0cfa40a1a6dbc7b546af133aa72d2b138e8797adb6a80
-
Filesize
20KB
MD576f00175d136ccb8adeeb334e557ce57
SHA114ad294e3141fc5686f7bd2c8c826d37868fa4ab
SHA2560c785b0de31473b369217b75fd0bf95442df045221aa92b25eceb4a651d099ca
SHA512449dcbe43f29de838baf870c6315151b481c581ada1f3011a3ec9934e3262377c89c3d0b90e79927cc35cef3e19c4b31badf96ac8bc5a7592e90fef37ce50ef2
-
Filesize
12KB
MD511b81f32db68047c72327b60a74d1a47
SHA1418484fcdcc85b5abafed6b86aefe19c6eae4623
SHA2566a438fa58937d8f85240e05349eae78653269344985101b7586454e440568979
SHA5121d6eb80a0311b212017010adf41af4ea56a57ff5706d7afe017d42851f5b08651b7aba349202a6b8388bd6dfeec22880800e52ee883b46c5069870ce8390e274
-
Filesize
512B
MD5a6141a50c0577acae1001da29469d0f4
SHA17c7c9695c21356e278498e882253ef3b7a7cf68e
SHA256b5a16c728be034fa1c24b52b2c78dbffa2b0c2f09c1a9dd26fcaedfae80028f1
SHA51201b2954c00b981f705e60e885aa46881ee1b2b05aefd3a2d58e4c516833d4f94072597c1f54cccbbd7427be297935497653f788efa68ca148177d592c872152a
-
Filesize
8KB
MD566b26cb1cdde4cd2a975d657ccdad08e
SHA174e32805b489f2e642c240c0e357c2259879f9cc
SHA256882df2d52bba50957b9525292bbd0d64841e42ca1fc659ceb087abedeeceb145
SHA5121aa9b2a659f96e6f4e75a9a8b3ac4997b991dadaab60fead6e2aa74d87ead1681d98aee234457665a7e03fbdfc8b12316519dbd981db550bd69a2da934aaf9c2
-
Filesize
8KB
MD5502c7722ca697f24abb8c00e5437ea12
SHA11979e8374de3fd43106055c9acca0be0d2153355
SHA256356327af13b9f3b62b394851bd3c1aeb25b032ca725d9404aab3e56993799a00
SHA512f0798407ec4b12d551e78d40a366006f1ced5bef2a18e6ac55e928d943fad7ed1cf9d3a41167e6d608155688d43543f08abb85f0e06b8e303eebccdfc37bb8c8
-
Filesize
12KB
MD5f40bbdfc4dea927f4c7429736603f2e9
SHA1bbb80750c47f570a474f122812f45e741da50b21
SHA2564b5aac2756fc86b89fc7f326d2b78c4920499a38b660e3f3f02456ea6f65c65f
SHA5126551af272803761dd60192ada8ac4e2db33d00fd4baae9f13a41731a20cc85e4d9701cc9ad840126aa180941b66f1a90f077da33408d540733eba6ebee2936a5
-
Filesize
8KB
MD5379c8b06731a7fa1e6188cc87a4f624a
SHA1c166899eb685ea1c6c22f1ddab11318b676eb471
SHA256281bdbf3d63501bf454d5db411ac12467ecfcda6383412fa3c4c2382e32ce44d
SHA5128812f4a3eacbeb99ca46332ba6ae96f7ab8111f5265ce91a9abf8a56371bf9d7470d5832a7bb2fca7fc06bfbc6943954ef23322b3d91418e6c9ccd9e1aebcd3d
-
Filesize
12KB
MD5ea628e04765adaf4238a5dcdff4bbd51
SHA1a801947619ea8c368efe9c006a324dc6339ac60b
SHA256885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4
SHA512c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe
-
Filesize
16KB
MD54e29636f779a4b904e580737d90ee68b
SHA1e6374a8748bcff7c0411faa61cb5560e46448762
SHA2564be74f890be75e6c9e7e6f8582469f995cee050378a4482b23442cf7f683b453
SHA512a14f79c230bb8c53de45e1d3d1aa4e26261e35df01c2907fa6a0919519fdcbb9b62c4ef035b6ce623d25fb8a823982a00ebdbff549886600562fb6d9fdb37117
-
Filesize
16KB
MD5f1a299f4769577b96c959eb5c0d382d6
SHA1d01ce5258b4fe598b65bb05a02228f38171103a4
SHA2567bfe58e0eeec7156e4a92cf5b92ebf22fbd216dc94566b2860d208fc604eba38
SHA512bb88771832e91964e748f9df59df5123612cea088a7fcc521efb4efc8c8166b96ff0f985f25c443affcf80a9ab0a746d99dafbc5815cf7e63672320efdf5bcf6
-
Filesize
16KB
MD5e638ebaaf86c48cb2a458f600167582d
SHA1a767bc5ca908c16603b02947a0933037b8340d0d
SHA2562ce2c6d3d284c36eb588893de1b6ba297c9f24eae3aff04d3a61dd320d42104a
SHA512d425a329b681fa54c9c65bce1e2345d1021f5139826436fd79fc5e6548653829776e3e5f4e92679055a0e377f36df017e6a1a1108a8c06b25be06b8a07c60139
-
Filesize
16KB
MD50e7261129632f194584f57d97caa7088
SHA1bff4b0fe3d6c83acc9dcc1eddd4a12fa5a79f26d
SHA256f95fde9d39c488a5c4ebbd1c045a5a5f66c95260fab265003a59fc5de3ee0d0a
SHA5122c1ec1bdd3f03d30c50ad9623f43fc4c84b942dc14c8da420466e6c8b045d88bcc0079b8003c54663d46031157810a8aefe7e82d99458a6d9d350a03784325f5
-
Filesize
16KB
MD516d25bafaad6d158417c16a475df3342
SHA119f5f3ca61d8e6187df7e380d2101d29617b6096
SHA256fdf55fb5d0d0c487f44f35136c21584ba466445659653dccbf647d68b789d051
SHA512f197c7ab1d5fbe0baa123a69dc07daa3b1f5e083993745fa190547601ef4109853f6476efc9ce00cb6d5ee60f1a204157be5081cd312b93caef3dc97574fbadd
-
Filesize
512B
MD53b1c9b45033afaec33e463f25e5b57a6
SHA129627235abe4539da159b93bdd2bf2db9d2e4e1f
SHA256f92392ddeb0830eb6b4ea0f4f3cb52b286104a4e309e028a7f87d9d9f91114cc
SHA512c80d9344108f25dd14dccb0a3acb17d6751893c40374e3c0d3d7cab8f9aa8a5174bfa82d58a572ca5eb685865a3ad9603a033ddb404cd701111c33939851384b
-
Filesize
8KB
MD5f8e417f4968bc76b2f07d0a8acd5de33
SHA120ffe5040de831fa609c0a1bd752766e799d0206
SHA256e7ffec367c802bc3c483a370c75976fe6bbebbec6d07ee30d45cad45ef285fcd
SHA5122aee00687b65b9472d741c87febaaf9260a9894135a8f1dd675b7c4b16aa32cd42915e1771d59c85030e03b440c4b08539a9d200c9a3a77079f3fdd8ddacff8a
-
Filesize
4KB
MD5c5381e3f039985715f60cfc3f61cb504
SHA11db6d433c69939f4f6b1e103f2c92c98daa87c15
SHA256fde750c57223918efe688a214e0bcb27f5fe44f06323ec26f0c445e845939083
SHA512e972c032332b6909fc6f627fdc41f93b6ff1e820083e5d470cc066d7391bf06979df54e8c0a8ff0d27e74e36dc07fd3de03cb4bbefd8a61ed555df74cdeb6271
-
Filesize
8KB
MD500971f30880618267dffc3c748169fac
SHA1d24d0e21ed8a7d9205424b4febfa3ba0cc0610db
SHA25658847d4d2bea18acca63b2327265016a7d13c05edc9b80f676915f5268060f97
SHA51238e022bb409225e694dc0e3c20411bedfbc9eb13911e55d42ac32040f9a3246f4dd978efd49a3311af15388e8f1ebd127094740ee4dd1bc6a90c277085255bbd
-
Filesize
11.0MB
MD515ab3f45e1e77608cf4864e629731005
SHA116fbb984cb68aa76f711eeeb32e322ecdce1bd3f
SHA25669c091e8114ad50df9b677c6f539687783601e42a4c8f1e6609c1a7e257bd5ad
SHA51262ca6243e638003f9f5e4f4800dff047db25160ebed2c36bc8a2b3e0e53361cffaf2ac70fdec3dfd10d668b03b51852b7dbb672015a7ac1ce6c310d61ff58540
-
Filesize
2KB
MD520d3e9753cfc4cbcf60acf1790a71802
SHA13a2099281a52af4d8542d065c958e1ad2f4e71f5
SHA256cb2f1baa6e436e93202287910b3bc692e80a72b747bc63b17e6ccb8127c42dd3
SHA512d8586ca3dca1f8a157f3f1ef7aaf45d22b97234bd70b50c91c5dc2c26a0b2087ad4713695382b78a236f7af131a8c62637f5e285b47860ab4dd8cb19c36c0c4a
-
Filesize
20KB
MD5fde2ee00cbd121cfab5290b078aa3ceb
SHA1e2b77d5320e155e413d040a8c20020962065b2f8
SHA2562897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56