Analysis
-
max time kernel
2592021s -
max time network
157s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system -
submitted
23-12-2023 17:34
Behavioral task
behavioral1
Sample
5936661db2df9d475550a26d2e834aa807760678b8ef148084ca0242c3cc526f.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
5936661db2df9d475550a26d2e834aa807760678b8ef148084ca0242c3cc526f.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
5936661db2df9d475550a26d2e834aa807760678b8ef148084ca0242c3cc526f.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
5936661db2df9d475550a26d2e834aa807760678b8ef148084ca0242c3cc526f.apk
-
Size
10.8MB
-
MD5
8c8354e6f3f2c595d5a5f1ad12c44bf8
-
SHA1
41bfc202d3e527f48c1b1138033cbbedde03e447
-
SHA256
5936661db2df9d475550a26d2e834aa807760678b8ef148084ca0242c3cc526f
-
SHA512
3f31f601df2c4bf0daf6cf57ca185d2ed67e88e33e6aca66deaefc5b7df7c1343f4380a8a0a5d1a314306e65e674ea91011c3d1c4798d6cf4d41d446adc4d0fe
-
SSDEEP
196608:UvpF5luTCzHYIibt4xVuz1FFoZCU3pAefVcfeUd2mdhiU1rrsOMgXjr:UvTPue7Ymsp3U3pAefVcf31dhtrsXU
Malware Config
Signatures
-
Requests cell location 2 IoCs
Uses Android APIs to get the current cell location.
description ioc Process
Framework service call com.android.internal.telephony.ITelephony.getCellLocation ir.nahideh.amozeshjele
Framework service call com.android.internal.telephony.ITelephony.getAllCellInfo ir.nahideh.amozeshjele
-
Checks Android system properties for emulator presence. 1 IoCs
description ioc Process
Accessed system property key: ro.product.model ir.nahideh.amozeshjele
-
Acquires the wake lock 1 IoCs
description ioc Process
Framework service call android.os.IPowerManager.acquireWakeLock ir.nahideh.amozeshjele
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
description ioc Process
Framework API call javax.crypto.Cipher.doFinal ir.nahideh.amozeshjele
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/ir.nahideh.amozeshjele/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/23b1d1e9-f1e4-47d3-a900-1b4321129230.jobs
Filesize 278B
MD5 0ba0f9e85f74d3291aef47e5ce75bd15
SHA1 601ca65291a120c6f22892709d8cab0465e409c0
SHA256 19b2fa8c7f99a7ff2b937c50fa7230359a1b1e5db1e6efa57ef885844da3a0bc
SHA512 9a5a2bf47e2d4cdf4aef93ba75741beeb472a86fb1ebe4f592310810e280c9793bfd24148674b4ce6423a18bf4285408a8769c3e28f46dab949a722a11f3cc4f
-
/data/data/ir.nahideh.amozeshjele/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/bd091890-085c-44a1-a579-ac35ddc78308.jobs
Filesize 179B
MD5 ac58f99a1b179d71e8621412ad31c6a1
SHA1 b51fdad95876f5615735c2ab411031ff67d5e946
SHA256 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512 faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b
-
/data/data/ir.nahideh.amozeshjele/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/e1b23b61-59ce-4d71-ac03-cd24214993df.jobs
Filesize 176B
MD5 f56f328eea1d5c96a1b96dbbf59488df
SHA1 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb