Analysis
max time kernel: 2551797s
max time network: 165s
platform: android_x64
resource: android-x64-20231215-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
submitted: 23-12-2023 16:42
Behavioral task: behavioral1
Sample: 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource: android-x86-arm-20231215-en
Behavioral task: behavioral2
Sample: 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource: android-x64-20231215-en
Behavioral task: behavioral3
Sample: 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Resource: android-x64-arm64-20231215-en
General
Target: 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b.apk
Size: 8.7MB
MD5: ea4d865aa58070491fc68c69d33ee624
SHA1: fcc569109747ec01c69351afaf0be08f0fa67f75
SHA256: 4e0503817c7455e6e69628add64862fc8a2c0c43ff78adbdb59ac151bb9a0b2b
SHA512: dacbbe311d6655f401b4bc7715fe5616347280dd3d644498fe677d6e92be758eedd443bd1f7bd0b4f6d06cbc904b9dc3c799f7670fb5ad8e2cc24429ec3fe0f2
SSDEEP: 196608:q7Z7iUB3axSzvsg36Av6DrO8FNpU4gtqMdhiU1rrsOMgXjv:+RXvsg36Av63OYpdgAMdhtrsXA
Malware Config
Signatures
Requests cell location (2 IoCs)
Uses Android APIs to get current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; Process: ir.sibsorkh.gazakodakk
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getAllCellInfo; Process: ir.sibsorkh.gazakodakk
Loads dropped Dex/Jar (1 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/ir.sibsorkh.gazakodakk/cache/1582435991586.jar; pid: 5010; Process: ir.sibsorkh.gazakodakk
Acquires the wake lock (1 IoCs)
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: ir.sibsorkh.gazakodakk
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data) (1 IoCs)
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: ir.sibsorkh.gazakodakk
Downloads
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/629b9f1d-726e-4be0-b2d5-8ea6fcc99cb3.jobs
Filesize: 179B
MD5: ac58f99a1b179d71e8621412ad31c6a1
SHA1: b51fdad95876f5615735c2ab411031ff67d5e946
SHA256: 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512: faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b
/data/data/ir.sibsorkh.gazakodakk/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f1af8ae5-c331-4938-81cb-50841d5da576.jobs
Filesize: 176B
MD5: f56f328eea1d5c96a1b96dbbf59488df
SHA1: 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256: 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512: 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb