Overview

overview

8

Static

static

6

4669ac7ff2...a1.apk

android-9-x86

8

4669ac7ff2...a1.apk

android-11-x64

8

1.apk

android-9-x86

1.apk

android-10-x64

1.apk

android-11-x64

Analysis

  • max time kernel
    2720882s
  • max time network
    136s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 16:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4669ac7ff2b0fe6edf1a084680c2d54bafdeb243231208faaa9d19f5963533a1.apk

  • Size

    17.1MB

  • MD5

    91a41d019817ee961d70fcaca366a50b

  • SHA1

    9162425f6a7f25cb6a0239037a7f9a94944039bf

  • SHA256

    4669ac7ff2b0fe6edf1a084680c2d54bafdeb243231208faaa9d19f5963533a1

  • SHA512

    f81d636e2d40a5d429e7245ae36fbaf5f0c370a69217abe87ddcdeb7073b55d1c5fb890d8b38e46f748f8422da33ba8f38f79c5c997b6dc89966aa657bfe2109

  • SSDEEP

    393216:ReLgeDiZ1KCgS1bMPBiMXyq1EidzGLgq9BTxiiMKVTzV+K8:GDi/pKjySPlGJxiiMyc

Score
8/10
evasion

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to to get current cell information.

  • Checks known Qemu pipes. 2 IoCs

    Checks for known pipes used by the Android emulator to communicate with the host.

  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock 1 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Listens for changes in the sensor environment (might be used to detect emulation) 1 IoCs
    evasion

Processes

  • aos.com.aostv
    1⤵
    • Requests cell location
    • Checks known Qemu pipes.
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4255

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/aos.com.aostv/app_webview_aos.com.aostv/Web Data
          Filesize

          52KB

          MD5

          5168d8c4556ac22decc2362ce61ddafb

          SHA1

          664cb3c7b0b5b13c3b915c28354793bcc0afd408

          SHA256

          5057cf5dab27589d93f7d55ffa505ea8249c213b79fd8c85ac39423c135c5db6

          SHA512

          81cefa22b3b1d30acf590b44b97a47b68c265a15b3725ff348ac0256faae0aa76b6a9bedece897c912bbcc86623c3a20c193ff131d9a25d0ee8e315394ae332d

          Download Submit

        • /data/data/aos.com.aostv/app_webview_aos.com.aostv/Web Data-journal
          Filesize

          512B

          MD5

          608c11c03ed4b279964e1575704e9020

          SHA1

          bae91617ccb2e021b71612318011133c7a4f3b2a

          SHA256

          d11a7ed975d437420c1f7cd28b81f919d3457fd7e7b4737291393a7cd5787953

          SHA512

          87fd6d3c3b554bbc2c2a7fced7eae2ccc757246182abeed1b47d35d813858f6534d85aa0c52b0d73d7dcc3ecdb023834e6f2b3b9e1b24c19ca480ab39985cf4f

          Download Submit

        • /data/data/aos.com.aostv/app_webview_aos.com.aostv/metrics_guid
          Filesize

          36B

          MD5

          3e56600138dcbbad7404c25a713e2a52

          SHA1

          add8e0c95bba726b769a0c93bbbbe1b4cdaeeedc

          SHA256

          a86f11d798961eac99467c35b151fd80051ce780ffaded3cabd5b08247a398d7

          SHA512

          b1ee75898f0ac843bb9dd2faef9088c36543fc36f5094ff75515736729983dd8c294bd652f4fd2405ae3bf259b90be4c5324260d752e6f9319b5d512bc7dda3d

          Download Submit

        • /data/data/aos.com.aostv/databases/google_app_measurement_local.db
          Filesize

          16KB

          MD5

          7237409e0640cfab7bdbd429bf821a3b

          SHA1

          4c3da934842f8d4835dfe2a9c275a300e5123309

          SHA256

          5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

          SHA512

          c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

          Download Submit

        • /data/data/aos.com.aostv/databases/google_app_measurement_local.db-journal
          Filesize

          512B

          MD5

          17e1d5a30e5c4a0375c48bf031bd2041

          SHA1

          92ffd7542b481ed4bd09412aea6181409d84ba22

          SHA256

          5d06b61f5dd0401371cd4bfee445761338e5d4a3cc69eca850a7da6198e39309

          SHA512

          7b8c2295f26c46db83879d7faa90565c9bdc962c18634543a288009abeeb4548e3fe9c5cc778114385628a7c3a414b461dfc8a7c5a638d223c9a7d9989e47d7a

          Download Submit

        • /data/data/aos.com.aostv/databases/google_app_measurement_local.db-shm
          Filesize

          28KB

          MD5

          cf845a781c107ec1346e849c9dd1b7e8

          SHA1

          b44ccc7f7d519352422e59ee8b0bdbac881768a7

          SHA256

          18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

          SHA512

          4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

          Download Submit

        • /data/data/aos.com.aostv/databases/google_app_measurement_local.db-wal
          Filesize

          36KB

          MD5

          14b36caa688f661be24d433d003de3b2

          SHA1

          109703b8acd5e90c63b1ecf86641904405702058

          SHA256

          5a57cb5e8992f948e33541745ca67b4892d32471e563f63f0a127cd2163ed660

          SHA512

          42582e5439b34535e378aa9a33f6c302fb42ee8b3742cce01b4314c5f0cec2bac69eb671ecc6ca92a2dd054aba68b2e07a2411cb1095164f07be7e3e400f9ecc

          Download Submit

        • /data/data/aos.com.aostv/files/shared_prefs_sdk_ad_prefs
          Filesize

          181B

          MD5

          5f1a61cd768d1d0d2ba1f41af39ed1d6

          SHA1

          e9efaab032c07d485ba10b77448eb05eafb5a8ce

          SHA256

          323711ea097e99a032b55fd7c52e319f64c28762778f63760046ba3f368bc082

          SHA512

          2a89c90459c010d2e0a943bc5fd085d0472d9c167e827dc7d25843b66a88e284330827767c4978a96ac3c763fa18242bb225590973fe0ca2fd321d28b04e4d12

          Download Submit

        • /data/data/aos.com.aostv/no_backup/com.google.InstanceId.properties
          Filesize

          2KB

          MD5

          793dea17520892172149a7ab6053b610

          SHA1

          c8be9e1fe3439915125548be5d7a78d27d2e45f5

          SHA256

          c0f67a2f5c9b4c15766d0ea8450f073d920899a7fa23536f470885f66aae2fa5

          SHA512

          9da6e7548d683d5254768d5fbfa9a0292361d95531654fa30324c204a08dcec9a75d126a18c1e85ff2eb083f9d75dfb20e52ec66d492d314f063deee1cd75559

          Download Submit

        • Anonymous-DexFile@0xceedb000-0xcf0df6c0
          Filesize

          2.0MB

          MD5

          663fc2bdf40a7cbe8838ef9843cc4077

          SHA1

          c8830152e10d8cf6f39a0509a52b6371472901f9

          SHA256

          0693560a230897cba50d7aad69bd641b717f71e55f8f59d05671a0fdaa83a257

          SHA512

          61d90328c0eec56c6f1445627baa5d2f22a13207016dbc7fc984dabb0fc88a581d14c4045d00b376003b2f8b16b54a004d2d4ba21d6379625cdfbcd295afa523

          Download Submit