Analysis

  • max time kernel
    2644100s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20231215-en, locale:en-us, os:android-9-x86, system
  • submitted
    23-12-2023 18:37

General

  • Target

    6a578d9f7793412cb9155e811f8c913c2f6ea805a5d2e50362dc884097f4e849.apk

  • Size

    3.4MB

  • MD5

    6e7e12cdcaf2188697cee24e3878b936

  • SHA1

    00f49638f0cb8ca1bbd80508130f9c6a3d1d2670

  • SHA256

    6a578d9f7793412cb9155e811f8c913c2f6ea805a5d2e50362dc884097f4e849

  • SHA512

    2e66ed715817244723e9f343d3e3fb3905a67edd203466c6669816cfc3e9d07004ed2fcb985d2036300049a1c1868047f1e5b66c7bb6199e7548920420f187b7

  • SSDEEP

    98304:X06BY3h/E8NdnpMbFXYkFpYy2ZVXeh6zM+pss3mFOF:/YNEupMbedTZoh6hz

Score
8/10

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to get current cell location.

  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • ir.dena.iran2018.daryaei
    1⤵
    • Requests cell location
    • Acquires the wake lock
    PID:4256

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/ir.dena.iran2018.daryaei/databases/__pushe_base_lib_db

    Filesize

    4KB

  • /data/data/ir.dena.iran2018.daryaei/databases/__pushe_base_lib_db-journal

    Filesize

    512B

  • /data/data/ir.dena.iran2018.daryaei/databases/__pushe_base_lib_db-wal

    Filesize

    36KB

  • /data/data/ir.dena.iran2018.daryaei/databases/evernote_jobs.db

    Filesize

    16KB

  • /data/data/ir.dena.iran2018.daryaei/databases/evernote_jobs.db-journal

    Filesize

    512B

  • /data/data/ir.dena.iran2018.daryaei/databases/evernote_jobs.db-shm

    Filesize

    28KB

  • /data/data/ir.dena.iran2018.daryaei/databases/evernote_jobs.db-wal

    Filesize

    4KB

  • /data/data/ir.dena.iran2018.daryaei/databases/evernote_jobs.db-wal

    Filesize

    28KB

  • /data/data/ir.dena.iran2018.daryaei/files/daryai.db

    Filesize

    119KB

  • /data/data/ir.dena.iran2018.daryaei/files/daryai.db

    Filesize

    1024B

  • /data/data/ir.dena.iran2018.daryaei/files/daryai.db-journal

    Filesize

    1KB

  • /data/data/ir.dena.iran2018.daryaei/files/unsent_requests

    Filesize

    58B