Analysis

  • max time kernel
    2543805s
  • max time network
    144s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20231215-en locale:en-us os:android-11-x64 system
  • submitted
    23-12-2023 16:23

General

  • Target

    48e9454d4e2151340a0af9b9a88fc6a3ab0d73ff87820dbce3ca882b2102eee0.apk

  • Size

    8.1MB

  • MD5

    b3bc671950a0cd1e8c62d4b3cdea84a2

  • SHA1

    4da3fbbdf588820c634c881923798bd68d84813c

  • SHA256

    48e9454d4e2151340a0af9b9a88fc6a3ab0d73ff87820dbce3ca882b2102eee0

  • SHA512

    71e59893299f64cfb8c5edc8baeeeac2d0fa56c09a6a2e1bb92d4f0de7b32a640d64378a2d10e2866ea7400813a13b39d24e7f01f4ff5e53f5bfe5c22dbfde17

  • SSDEEP

    196608:edYoVDhLFYyqjNdWnRtozMngFpWm0Td0GFA8P6XWF:SdFFsH+yMngFpahJF

Score
8/10

Malware Config

Signatures

  • Requests cell location 2 IoCs

    Uses Android APIs to get current cell location.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.nahideh.lazaniya
    • Requests cell location
    • Acquires the wake lock
    PID:4471

Network

MITRE ATT&CK Matrix


Downloads

  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db

    Filesize

    24KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/__pushe_base_lib_db-journal

    Filesize

    512B


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db

    Filesize

    16KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    512B


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/databases/evernote_jobs.db-journal

    Filesize

    8KB


  • /data/user/0/ir.nahideh.lazaniya/files/info.db

    Filesize

    808KB


  • /data/user/0/ir.nahideh.lazaniya/files/unsent_requests

    Filesize

    58B
