Analysis
-
max time kernel
2581706s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system -
submitted
23-12-2023 17:24
Behavioral task
behavioral1
Sample
56f15d1e349b6b8db38e82a78f5be3480ba8dbdb70ce6f40abbfbc7dac5513d6.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
56f15d1e349b6b8db38e82a78f5be3480ba8dbdb70ce6f40abbfbc7dac5513d6.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
56f15d1e349b6b8db38e82a78f5be3480ba8dbdb70ce6f40abbfbc7dac5513d6.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
56f15d1e349b6b8db38e82a78f5be3480ba8dbdb70ce6f40abbfbc7dac5513d6.apk
-
Size
9.6MB
-
MD5
09d65159abefddbdbb34f0a2395f5ac5
-
SHA1
5124ac356ce7723732b8c4e5e458a25cb13089c1
-
SHA256
56f15d1e349b6b8db38e82a78f5be3480ba8dbdb70ce6f40abbfbc7dac5513d6
-
SHA512
f6ce06f1525cafc279a76e5856f8efd2a73df550b8ae714523b8c57d5845c96cbfd1b8320b3d44299cb0b44d98a7494d3704ff8ffe97dfe797668b0d49abeb93
-
SSDEEP
196608:hkQmTyPTsFe1iffMellHBCT8eiqQyzgW/kw8PO4awyxV+Xh6OapCnv8HrXvA:pay7gjMellHBCT8eDkwQOR38XpnUrXvA
Malware Config
Signatures
-
Requests cell location (2 IoCs)
Uses Android APIs to get current cell information.
Framework service call: com.android.internal.telephony.ITelephony.getAllCellInfo (process: forat.group.noshidani)
Framework service call: com.android.internal.telephony.ITelephony.getCellLocation (process: forat.group.noshidani)
-
Checks Android system properties for emulator presence (1 IoC)
Accessed system property key: ro.product.model (process: forat.group.noshidani)
-
Acquires the wake lock (1 IoC)
Framework service call: android.os.IPowerManager.acquireWakeLock (process: forat.group.noshidani)
-
Reads information about phone network operator.
-
Uses Crypto APIs (might try to encrypt user data) (1 IoC)
Framework API call: javax.crypto.Cipher.doFinal (process: forat.group.noshidani)
Downloads
-
/data/data/forat.group.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/1651eca7-981b-4402-92e9-ac634b5eb02b.jobs
Filesize 278B
-
/data/data/forat.group.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/39bfee92-f7b5-4a46-a3bd-a1aad2686357.jobs
Filesize 179B
-
/data/data/forat.group.noshidani/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/ec3c91a1-cf69-491c-8d28-d601f14bc4a4.jobs
Filesize 176B