Analysis
max time kernel: 2566013s
max time network: 135s
platform: android_x86
resource: android-x86-arm-20231215-en
resource tags: android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system
submitted: 23-12-2023 16:42
Behavioral task
behavioral1
Sample
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
-
Size
8.7MB
-
MD5
ea4d865aa58070491fc68c69d33ee624
-
SHA1
fcc569109747ec01c69351afaf0be08f0fa67f75
-
SHA256
4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b
-
SHA512
dacbbe311d6655f401b4bc7715fe5616347280dd3d644498fe677d6e92be758eedd443bd1f7bd0b4f6d06cbc904b9dc3c799f7670fb5ad8e2cc24429ec3fe0f2
-
SSDEEP
196608:q7Z7iUB3axSzvsg36Av6DrO8FNpU4gtqMdhiU1rrsOMgXjv:+RXvsg36Av63OYpdgAMdhtrsXA
Signatures
-
Requests cell location 2 IoCs
Uses Android APIs to get current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.sibsorkh.gazakodakk
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.sibsorkh.gazakodakk
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.sibsorkh.gazakodakk
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.sibsorkh.gazakodakk
Downloads
-
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/08bf5dee-fa90-41a1-9c68-d042e17eee38.jobs
Filesize: 179B
-
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7e215f45-8c66-4dd4-a66d-1b86c88fc582.jobs
Filesize: 176B
-
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/99e8e56d-3af2-4dd4-9212-28e073951093.jobs
Filesize: 278B