6026c43b39b415dff5675691d144b91ae2999cdc773ac9e447a7deb5e66f593e

Analysis

max time kernel
2619198s
max time network
129s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23/12/2023, 18:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6026c43b39b415dff5675691d144b91ae2999cdc773ac9e447a7deb5e66f593e.apk
Size

14.1MB
MD5

d3462e2adc4b9e6de6b57b2472dad6dc
SHA1

737441082479a0337a5bc2bf5412ca523d2fbdfa
SHA256

6026c43b39b415dff5675691d144b91ae2999cdc773ac9e447a7deb5e66f593e
SHA512

708366bd6a829b1ffd8c806c5b2d65320f7ee07c46e20e402b6de508d58347b55c9a254187d741880bfe3fcdf9dc38c2fc2fa1cd0b2c9ccf7fc2a71bcf2f8b02
SSDEEP

393216:2QNN4NjGE8f+hlAFvQ3/2Qc/mVvr3aiAOXEQGTGlMzgs:2QNNXEa+4w+452iAOXEXRgs

Score

6^/10

evasion

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.zyosoft.mobile.isai.tommybear

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.zyosoft.mobile.isai.tommybear

com.zyosoft.mobile.isai.tommybear
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_analytics_v4.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
adec58d26fb0c7afd337be26a2237ff5

SHA1
69dcf37e41762eef6a94e8e0e2dab6172261210a

SHA256
0e38b8a373105b7a920ac333d7ae18edba45ad385a477f7cb3f990111872bd98

SHA512
db6a3ccc1907617b0beabede6e06c7c71543d6909474556ec7682c8322f2d032eb4bba3a30a30721484468fafa240b57734408daa02a2c33de40eba70603b250

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_analytics_v4.db-wal

Filesize
52KB

MD5
113ce7949187ae5ed4ae9305f836cd87

SHA1
637bb554f15cb7b323cfba476e8885bf96c4bb18

SHA256
3cf2ef35a229237e75ad33671bfeb723773c8ffb44948015890de6f96b39efb5

SHA512
73ed50c90334f795f0109711148770ea78c1bfd449c14d25f0b985c7b2d678f94dd67007e9bfc365ca585767f47f30c030c619bd8a47b5875abb072979967434

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db

Filesize
16KB

MD5
41172d46ff8888be4cfc7da9dc7d75bd

SHA1
83758a810bc86c52f60c838acebb9bd0c541be19

SHA256
7c27b82cb8af372763b0699274222450a8311bcf96cd8e876b717d4ead2a4c9c

SHA512
6d2556fbd104bc18366276346a8fa3d36992b5a7e98b2dc43683912ab4322dfda0ddf76c43b20710f8b5a8018655e731e5a52b2e573fd62f0ba0767b868c3972

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9cbdb4be386fdd4713dbad1cc78ee3c9

SHA1
0f40d2991749cd4be337473875ce3c47e7c33d2d

SHA256
f785dc4ba8754bcbb71b3be34d04294d5fce1018f41ce43ef872fd3d522b9cec

SHA512
d4e30940a0af9e7a8a1789e195ef61bee3f459933bd581b41e989606ca2d37bea9b91b34de0960f0d6cbce27a8c4c223441117ced97a0a3e218bf9c7268020f5

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db

Filesize
16KB

MD5
aa2b024e19f7c10610b465a753f8b5c0

SHA1
60dfc245194c114eb417b6d8547e9dd200106687

SHA256
084f9a0f16d7292269affeb875f125734fb9461380d64bd9a9393cbbe0d96dcd

SHA512
92cded9fa7e9ff94f813b98c888c0c70f94c5593781c45304338ef936b1d4afb7c58270ecebd351dabbb9b922a50604710f47ec75d7c694e6683d7dce28b4a28

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db

Filesize
16KB

MD5
be4901100e950752e9c162781300bdfc

SHA1
52dba0f26872a45e32aba7d740cb4f9d21d72467

SHA256
1a172153137fcdfe1e31037317adb9db654b37d9b4bca1664644ab711b2b7751

SHA512
7725df731c61033b1a5ecb1a83784c63c3591fa0976859a9f93d0502afc63e5719e3fa16f00cc388f2dc9d569164fbc9ae2c9ec86fd84180b17f7270a396cb5e

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bd28bdf4772037dd389bf193f431e448

SHA1
604ba1565c27daca5cfaec959d8f37ec57e9be6f

SHA256
cf53493800dbdc498c189c2106c36bc2fe51f6aa4d91b1535031d43c8f379d63

SHA512
ce11a88f48d68988585f7a6cc0cce4c2681b7ad63973b5689789f7792bf7312328ab1a720d32b5313ef22ddae4a4b1b4368d30961c7c0aee7b63b830bdb3863a

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
5596cd70d025000bd80fededafade6c1

SHA1
de4155c3591b7550dc13cfb1f601f9f2b5164724

SHA256
a68c4154514159c952af2d2f3360b306ab6e1b3af405caeb1c4a7fc91cfcdc75

SHA512
353f6a88577c492fd7ee80817b75549ea20b9327907767552403fc87876e6fad841f8a1fc5397a4188480c02479e8ad8f94161d71a1e05f8de698d1c7173fac8

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
90561d64462a76e0b1428f6cf250b919

SHA1
7d4745893d1387907d6033290c83e5593c4f498a

SHA256
ccc78706bd088d78bb155c9242c1c36594afdb940d9650426af265aa8ad16601

SHA512
4298f959f2f437bde5750a7b188db08ba171ab35ea77253928b65a5b848a614f7aebfd5976bf482396911077afdc9458bac686f988c94ebf742615e8567468d3

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
8ca45c2dabf4ff5c27c738a5bcbf6978

SHA1
637c8b68749a724865af4f028679d789e019806e

SHA256
8b814c38f47ed8aca4a6ff8cf0e553e80a97a30dfa22de63b1289a6b0369ed35

SHA512
8225cd8792cbf1d01800ffa1220ca11bcef99d04669d9d2a6fa575ed1d372f856e4ef4d1ef35303b51d7309c62a373b9617a378dc72390e89c2771be4097953d

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2361e331221899cd753b6040d884d043

SHA1
1821c942bcc6611e55eec50979a48c245d274d05

SHA256
8dadb841d1dc563ea020ea9430b4fc9feddf221aa1b6a7bdc8cd37fb1066b21d

SHA512
866da1de785258d23997bcb20732bfab9ba45cb6c1035205fef524a780a3bf02a98104bae2f8daff2e1a89301a224217aa2884935fa59b3ff628db7df573dc3c

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
41b0b3bbf2ebfd5b9dca37d2d76662ad

SHA1
070ce614060415e05a5853ab2ef9e037116086c2

SHA256
085c7b8e886f42db3d295e01a455134718ec7859ff827e64252b3a25ce2170a1

SHA512
65d894c022476b30d959b2cac64a440a655b8a277b9b7e8129fce9c11086f604ef6cb807779b66b0ab7e00c522a4e60ef3d81bc04c24857da759c769705d49a9

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/658838B00189-0001-1198-95786C2AA699BeginSession.cls_temp

Filesize
77B

MD5
19dee5290f582869b67ebd8c6fbd5356

SHA1
33da3717838dcf122f07d8cc7fb73221876609b5

SHA256
bd307d8cac9485e819ce2e3dc3a6bad0ab9446e3006c557464bb7cf2a0fd2f32

SHA512
57f0a1749d0155bc479ad9452991be6df640e6d68c059aac2f7f6cce2a83a7a9d3acc3e440baaad7ab0afaf0aec0393f81528856aa9d05d3ceb89c16dbe5a617

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/658838B00189-0001-1198-95786C2AA699SessionApp.cls_temp

Filesize
137B

MD5
b2bbcd177ac45685028a8536d063b82a

SHA1
b5870ba013e827528d8dc388b1a4cb8cd5722a0b

SHA256
cf46ffaf6d09e5872d7769a97ba4bbb0d824c3be7200d5ab2753498ed8a1c8f4

SHA512
1d526031463244456ba4d10f45357f48fa2e88f9757468d0aa429e316e3e281d0e179e855685b2053327831ec7ba20cc7539b2369caf4c8a6c2c7e8261d3ef27

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/658838B00189-0001-1198-95786C2AA699SessionOS.cls_temp

Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
145f2f1aa82de59a6226ececccae2f4f

SHA1
9628e52abdfa365d815aec80fd6c261ceab15b7e

SHA256
0140960a81f28f3f13e0d3272884b9dec5ab4f5f890eac5164a86dbe2a31f02c

SHA512
7943deb8ad5b64541ec92138974686066b96e94c706a2f8549532070b660047419492f2a18f81d0f1359ff3436950ff5bc0d4b5f7c54a44a9bf7c10363616015

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/files/gaClientId

Filesize
36B

MD5
43c4ecb04c3c898fedfeb57650f20c87

SHA1
4d66f6b47f563b2ebd4df675cfdfcbda8b112899

SHA256
8bd31daf77920ce5e74f370bd98dcd6cc39ca2687ced793aacb944ce281b17e6

SHA512
036208a35c4c178b0ddd4a5774366b0226a2e467d4252d2d728c187fee636ae00526fa745962e713e8edef73bd8402918cdd2b7af6ebfe520a7132892c7bc9f0

Download Submit
/data/data/com.zyosoft.mobile.isai.tommybear/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
840c6ba4869d914035d418b471aedcaa

SHA1
57c5d408f9282d76aa9da4b1325dad2908c120cb

SHA256
ad06f8cfc833d6d373a0905fc38da9b423d693232bfb0fd3bb45f6b3503f3bbc

SHA512
684ed79a82278e5e32bcd0ff27b0d4f58cb9ae4aac874a396a2ee4b2f877ec5eb8e2f2b735eabeaea8324649fa6e033ff8598a79627da17d16e26cf55c919415

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads