Analysis
-
max time kernel
2548643s -
max time network
129s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
android arch:arm arch:x86 image:android-x86-arm-20231215-en locale:en-us os:android-9-x86 system -
submitted
23-12-2023 18:17
Behavioral task
behavioral1
Sample
641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource
android-x64-arm64-20231215-en
General
-
Target
641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
-
Size
9.5MB
-
MD5
790c5d08427133b278814a634a66b373
-
SHA1
ad04de30db0853f03d0481f3d9d7767b2ecce29d
-
SHA256
641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823
-
SHA512
6b074c3e676741ce8b5d7214fe620c5849f066f2bfeb6857f7674caecb43f04fde153f27ced60eeb5979feb5750c272ce49ba2a4bd95039bb3d3b8caa7ee81ef
-
SSDEEP
196608:Fdk710HuHigflHUXdBP2zsU3pAeaoQA6tDGDKHlexSKdhiU1rrsOMgXjF:nbHuHig+BPksU3pAeaoS42HYQKdhtrsy
Malware Config
Signatures
-
Requests cell location 2 IoCs
Uses Android APIs to get the current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.ziba.pankeik
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.ziba.pankeik
-
Checks Android system properties for emulator presence. 1 IoCs
description | ioc | Process
Accessed system property key: | ro.product.model | ir.ziba.pankeik
-
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/ir.ziba.pankeik/cache/1582435991586.jar | 4269 | ir.ziba.pankeik
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.ziba.pankeik
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.ziba.pankeik
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/34b61d36-5fbb-424a-a96e-c9617dd66060.jobs
Filesize: 176B
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/b3d316b9-3177-4b25-8951-e7fa83c1abc4.jobs
Filesize: 179B
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/df680a25-9bdf-48f0-bd06-e24ad803719e.jobs
Filesize: 278B