Analysis

  • max time kernel
    2543793s
  • max time network
    146s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
  • submitted
    23-12-2023 16:23

General

  • Target

    48e9454d4e2151340a0af9b9a88fc6a3ab0d73ff87820dbce3ca882b2102eee0.apk

  • Size

    8.1MB

  • MD5

    b3bc671950a0cd1e8c62d4b3cdea84a2

  • SHA1

    4da3fbbdf588820c634c881923798bd68d84813c

  • SHA256

    48e9454d4e2151340a0af9b9a88fc6a3ab0d73ff87820dbce3ca882b2102eee0

  • SHA512

    71e59893299f64cfb8c5edc8baeeeac2d0fa56c09a6a2e1bb92d4f0de7b32a640d64378a2d10e2866ea7400813a13b39d24e7f01f4ff5e53f5bfe5c22dbfde17

  • SSDEEP

    196608:edYoVDhLFYyqjNdWnRtozMngFpWm0Td0GFA8P6XWF:SdFFsH+yMngFpahJF

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to get the current cell location.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.nahideh.lazaniya
    • Requests cell location
    • Acquires the wake lock
    PID:4917

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db

    Filesize

    24KB

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    512B

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    512B

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB

  • /data/data/ir.nahideh.lazaniya/files/info.db

    Filesize

    856KB

  • /data/data/ir.nahideh.lazaniya/files/unsent_requests

    Filesize

    58B
