Analysis
max time kernel: 2548498s
max time network: 162s
platform: android_x64
resource: android-x64-20231215-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20231215-en, locale:en-us, os:android-10-x64, system
submitted: 23-12-2023 18:17
Behavioral task: behavioral1
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x86-arm-20231215-en
Behavioral task: behavioral2
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x64-20231215-en
Behavioral task: behavioral3
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x64-arm64-20231215-en
General
Target: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Size: 9.5MB
MD5: 790c5d08427133b278814a634a66b373
SHA1: ad04de30db0853f03d0481f3d9d7767b2ecce29d
SHA256: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823
SHA512: 6b074c3e676741ce8b5d7214fe620c5849f066f2bfeb6857f7674caecb43f04fde153f27ced60eeb5979feb5750c272ce49ba2a4bd95039bb3d3b8caa7ee81ef
SSDEEP: 196608:Fdk710HuHigflHUXdBP2zsU3pAeaoQA6tDGDKHlexSKdhiU1rrsOMgXjF:nbHuHig+BPksU3pAeaoS42HYQKdhtrsy
Malware Config
Signatures
-
Requests cell location (2 IoCs)
Uses Android APIs to get current cell information.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | ir.ziba.pankeik
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | ir.ziba.pankeik
-
Loads dropped Dex/Jar (1 IoC)
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/data/user/0/ir.ziba.pankeik/cache/1582435991586.jar | 4960 | ir.ziba.pankeik
-
Acquires the wake lock (1 IoC)
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | ir.ziba.pankeik
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data) (1 IoC)
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | ir.ziba.pankeik
Downloads
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/81adc0d3-7f37-4497-a68f-63cc951c408e.jobs
Filesize: 176B
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/8ba26e1a-55df-4865-ad9a-f17e07e99091.jobs
Filesize: 278B
-
/data/data/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/f6f58864-cf9e-4484-a716-64f7114639c9.jobs
Filesize: 179B