Analysis

  • max time kernel
    2553253s
  • max time network
    173s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android arch:x64 arch:x86 image:android-x64-20231215-en locale:en-us os:android-10-x64 system
  • submitted
    23-12-2023 16:46

General

  • Target

    4eba266251e05b86382f2a7ca3309e67ba33250c2c4bc872abc40d2f68726b16.apk

  • Size

    6.7MB

  • MD5

    2f1da2cf076b9c79b8cfa7ae7e6c7206

  • SHA1

    6bcb3ce4f8700aebf959b1c4bbfd641b70e26301

  • SHA256

    4eba266251e05b86382f2a7ca3309e67ba33250c2c4bc872abc40d2f68726b16

  • SHA512

    2bbda6eedbc0a1703bbd1a22ee113ccdecb9ae8e1241daae0b4a9d2bd368d9e4b4c9b62841e2e329eb95930500f478f77e089777ed2857023efd0a41f6026dae

  • SSDEEP

    98304:K0Q70Hfk2oMiOD9PglK2CcwG6JEaI0g0ujKbPhnAkmN11y/bbvdZw5PHo8nhGd2C:K0QwftkAG6fpu8nUzInvdCAFdV

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to get current cell location.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.daryadar.deser
    1⤵
    • Requests cell location
    • Acquires the wake lock
    PID:4978

Network

MITRE ATT&CK Matrix


Downloads

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db

    Filesize

    12KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    4KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/__pushe_base_lib_db-journal

    Filesize

    512B

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.daryadar.deser/files/unsent_requests

    Filesize

    58B