46a90c680c3daeb4832abe2903e52ae285df937c68a83297d5a7038262a22fd9

Analysis

max time kernel
2629357s
max time network
159s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23-12-2023 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46a90c680c3daeb4832abe2903e52ae285df937c68a83297d5a7038262a22fd9.apk
Size

30.1MB
MD5

e2482c275e9af5f813a80d8276ae4849
SHA1

24c13e6416d79f568b39fa8a6ca22b734c182461
SHA256

46a90c680c3daeb4832abe2903e52ae285df937c68a83297d5a7038262a22fd9
SHA512

cb05850dcea6ebdb6cdd186f01517075fc7fe4e7c1ae1bd34ea9f973541dfcba2a90e50e25195b2dc18fce4c900dc1f70d82ede42713b24b24a9505d930bf412
SSDEEP

786432:rVQUEUR+7gd3RyTy9MwpO044ilLEYRdRCqsDK:CFyPdhn1O3lfIqGK

Score

8^/10

Malware Config

Signatures

Requests cell location 3 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.iquizoo.maxrian
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.iquizoo.maxrian:pushservice
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.iquizoo.maxrian:pushservice

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.iquizoo.maxrian
Framework API call	javax.crypto.Cipher.doFinal	com.iquizoo.maxrian:pushservice

com.iquizoo.maxrian
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4922

com.iquizoo.maxrian:pushservice
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:5143

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.iquizoo.maxrian/databases/ThrowalbeLog.db

Filesize
20KB

MD5
a852ebc3321d2bc807b23175a6a71edc

SHA1
645a7fd33cf75a23628d576e6c6fa5b454d16f13

SHA256
256fb4171fad95478a5a6615ef2bf8cdbb9948eb7f60ee6c909cf5480436128b

SHA512
145ecea475401cc23e175ae5410fe8bea6f2b2aa7f9dcd40ea048cc60f57f48395cf6aab3681c35a3d275d20e79a342de3e8e2302ea2ee234e53ec9f34b5a831

Download Submit
/data/data/com.iquizoo.maxrian/databases/ThrowalbeLog.db-journal

Filesize
512B

MD5
d6c34f2e208bbedcec12a8a07fbc4408

SHA1
95f7de3e8e6d118bffa0d485c106cbdd3ffcf27f

SHA256
de955fc43b4b48d4ced78d095414bf9f39446d1338e2d9ae282a3d0995bd36f5

SHA512
5eb4c33bb06bfd3cbd0b14ca34115b48a86408a14eadca63e0e650fa318709e585c128e88b9b2a29eabfb8863d9a9443fc0277dec8c0ef04353600a269914b4d

Download Submit
/data/data/com.iquizoo.maxrian/databases/ThrowalbeLog.db-journal

Filesize
8KB

MD5
421a07e348bfe53a29a6819846a56a01

SHA1
47065fcee765259c9e2b102c361d5fee6520236a

SHA256
50dcc5cc537cef823f204f7c622ae838ef69b466df138daa8bb3d33196732433

SHA512
723c98885eceda03f47c166ac3483b1364739577e2803968991d428ba16d157341653e658fe7381a4decb184b34453518f3bc9f120159065f4ecbe725644603c

Download Submit
/data/data/com.iquizoo.maxrian/databases/ThrowalbeLog.db-journal

Filesize
8KB

MD5
d2f414fbe1d42f0c66c21618925ecf41

SHA1
2111d14ad3638fcd269ca3ea9993ff342e391aa1

SHA256
bd55c459c7838d46ba5a59840a936a5e4517c7444d4451ef47d600f49ed1ed85

SHA512
96196251e2bfb24eca5d91b88bfc2ff7c0010a4aa624749727a5866c47e3d01c6a2da8bf69964c61a2381c6a1b4a3f7aa3476ab194181b23e1e92c3df42a5739

Download Submit
/data/data/com.iquizoo.maxrian/databases/pushsdk.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/com.iquizoo.maxrian/databases/pushsdk.db-journal

Filesize
8KB

MD5
1c215a99278dcfc004c83c4569fdf4ed

SHA1
634c9141f640d158e951c8ca60e0866a5d1f9c05

SHA256
cda5f20227904c1999c5470d7de0d5d85de66ff1b146ffade99a84981e8c47d9

SHA512
916102b6c46b3a7bcd24a8b18b0a16d51aa0f54f022541394578ebadec1a692927e9963c5a5d54fb611a2932413240cd05f78dff1a285633f7c8fe91d9880ff2

Download Submit
/data/data/com.iquizoo.maxrian/databases/pushsdk.db-journal

Filesize
512B

MD5
5da08d8f42852af7821615d3c4a93bd8

SHA1
25cff77ffc84cc15526424540d1127a24bc82c4b

SHA256
da1733075b8b2abd7c41b451ebbc3e354ecbcc0eae3925ff9fe47e87e66c1538

SHA512
73e4e7e033fc9073764dc74662eae79287e561b0e57c2e93128cf7c417edf38838f033624e24298b0fef062ad6bd0ff37bd7b477e5339a1a216cefde51efbd98

Download Submit
/data/data/com.iquizoo.maxrian/databases/pushsdk.db-journal

Filesize
8KB

MD5
7787a7f98666d3f63efb2709562a14f6

SHA1
d1e10b2b8ba28fbe90aea05a14a879bdf825d769

SHA256
b4ddb169131a0086be2ac6b7bae9b04a4f869f4f0a69c2b94157228550d638df

SHA512
94ede27ed16654638dd47087908eba72077e478e63d0be79b6fe59ef7025a083161b3da2fc49f9322aa3616ef471b8eca7b1c2984d8bfeec574c6da68d099942

Download Submit
/data/data/com.iquizoo.maxrian/databases/pushsdk.db-journal

Filesize
8KB

MD5
90c642820bbe6dd623bec11c211655d0

SHA1
18c926696ba5c14564a85c8bdf7acc8c8c4f0f24

SHA256
c1f1daa5e3554473ad1bcb0990a3badfda87514b1f486449b54590b04f35d465

SHA512
cc07c4f4fe5932b96eb2e774d7d4c5059550e22c6ccb78adaeaa97b109167bff4b844eedc21d495e9e2c1fad7386c42c926390a672def176ae526699de01e2de

Download Submit
/data/data/com.iquizoo.maxrian/files/Mob/domain_1

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
/data/data/com.iquizoo.maxrian/files/TDAntiCheating_Switch_Value

Filesize
1B

MD5
55a54008ad1ba589aa210d2629c1df41

SHA1
bf8b4530d8d246dd74ac53a13471bba17941dff7

SHA256
4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a

SHA512
7b54b66836c1fbdd13d2441d9e1434dc62ca677fb68f5fe66a464baadecdbd00576f8d6b5ac3bcc80844b7d50b1cc6603444bbe7cfcf8fc0aa1ee3c636d9e339

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436359422_5143

Filesize
2KB

MD5
0dac349ff8a4c069cd4044fc50f6b08d

SHA1
9fc1e1f66f1ed6ced5861d262edec40b1029c0c3

SHA256
aae7f95d39c1ba4ca358fefba15c82c972c6303ba36cd29dc3d2f6b33f6bfa82

SHA512
265ccbdb9d062c56e184d4ad3f8b66ad91cdc0e8924e326d0268404611a1bda057df27693f6e48607706a7453c67e12281acc4985f9a8a3d91de5d87cf9555d2

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436359660_5143

Filesize
3KB

MD5
40a19eaff59936e477b9a4d6aab3297d

SHA1
a228e38079e7eef515bcc0562692e9fe7595f27d

SHA256
2ab11a97747b9a5d4c787bf7231b7521ce470f9ea5cd849052d14622000c1805

SHA512
1e215f9812863c6cd35c53d4833bfcf29fa4a84edea188da297a929794efe7e02a26a7befb40ff8611f3847d3c14c9b54c05f52f05c483bc3ba461d401dd989f

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436360256_5143

Filesize
3KB

MD5
7ddb0c6ff00276ee65454c95cc4cdd87

SHA1
01316705ae886084592075f0f873d2592fe7cccf

SHA256
9dd120491e9844f53ab6150578cb5861f8567f211232c4c6d95f54cef4a88ee9

SHA512
0c57f279b14064a047d5261a99483e862fa1975b7b01f7df9c2f072f4397449dcecfe0d131583bb32a56d98426da1ca9226fb52c0c21bbd4f96671d86af5af98

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436360519_5143

Filesize
3KB

MD5
6192a95a272f91ac8555770c607db700

SHA1
f5d82e75ca8b94e6de21254803f3c818594b7237

SHA256
8246d50175c0e9d966faebd3eb56d6de5b7bdb9c82b81041a215d35c1341525e

SHA512
1acfa40fa88de71fd4051d7a87ecde73992d3207663a87f52272bee4381bf0f7cd94f1067dc4675ef306b7a7af3be0a821f294e1938d0f0d221eced99bdf2999

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436373951_5143

Filesize
2KB

MD5
f537589cf4da2e4fdb60ab574631718e

SHA1
2b68079ae468c2a337035a85c5a0f6d3d1f77232

SHA256
015839c8526c412c71e2ba4dd84c19572911c24ca5b745fd3c7453c647dfd71c

SHA512
c3e559ebe437e1ba28a929bd94f57932f35a27bb84b571f2e57563c5046a96e82a925ab284492ea4469224aed2b89c491b038258bbb4268d6fde3550f5e36ca7

Download Submit
/data/data/com.iquizoo.maxrian/files/__database_reborn_January_one__/td_database2SaaS/1703436374369_5143

Filesize
2KB

MD5
3ece72bf4a33d3fa312591b43a2d6422

SHA1
f530f8812998982af954e587de8c33cd0a095c08

SHA256
a77134ffa65d8408f9b011c4f252982fda49a02e70fc60d467cccba5659db473

SHA512
fd9ffccfaf40eac9bcaaa306aaf9011ea65addb70db3387b2ad112680e38facc4b1aecfef57bf1360c65f55159a8a46c1195d3829c9a4f4675488109ba88fdec

Download Submit
/data/data/com.iquizoo.maxrian/files/init_c1.pid

Filesize
33B

MD5
a80051646a60508337adfb202c2c2be5

SHA1
ca354addeaf13d3615136e3e00cdf271a85a5385

SHA256
4a147d80eefd246bf2eb555edfe91481d149933227c7a9846259d09f9be1154b

SHA512
04aecd96558df60803161144d5fd674bf3ef832b2dedb7c7fb29604c12275e476380cf8406b1726aee7d40a28c63be0ab9e99287ca1b1d8912be743fcaeee3c4

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
f897f5164400a12ed64e42001538c02a

SHA1
30600b6e52e37b9d5707a88323e39ebb7504e6e0

SHA256
0f8bc25f45fdaeae3cccdc16c4f9ecb3f68e2bb88d68ea3b8d2bd2984db6cbb6

SHA512
e46bb8bd8ad34bb450e8124e98b13f3b91f05cdce0c744e39369472a31e70c46d7429aec4b1e18dab62e0906c6e57c1749263f649a716bf322b3a21b9e6bbda2

Download Submit
/storage/emulated/0/Android/data/.mn_410185822

Filesize
130B

MD5
10f2c445b06892d1d93a2df35ee73113

SHA1
2e478919e95a0f07d8ca02c9d9f687b1424fae36

SHA256
350bc14ebc173ebc2edacd3868c489e857ed2630e8d4cd0f9a3d8a19c5a38685

SHA512
fe14b5642ede3010c875056f04516eb0b294bca2b587d1b3faacc3a958a2eec49ebeb8a3e1781a5f71bdf9cff1b1b88d77f960191e0d8d68fbe0e5e358667cfc

Download Submit
/storage/emulated/0/Mob/.mcw

Filesize
82B

MD5
9c169536d22d0b50edacde5cb988bab5

SHA1
f7e741d26bc11d8448b68d05874a2130caaf6886

SHA256
77dcb07733012ab8b11f7b8c0ab1ce44b46566adecc0931db7ee65958e8e4844

SHA512
13066eaffedd8079523fee8d99067076536c1b710a4c0806ffcae78eee40af837d3ee7c93e170539c0c32e7e24b44eac6ea0aacb3182fab27f45213f31f2f395

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads