Analysis

max time kernel: 2548576s
max time network: 150s
platform: android_x64
resource: android-x64-arm64-20231215-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20231215-en, locale:en-us, os:android-11-x64, system
submitted: 23-12-2023 18:17

Behavioral task: behavioral1
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x86-arm-20231215-en

Behavioral task: behavioral2
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x64-20231215-en

Behavioral task: behavioral3
Sample: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Resource: android-x64-arm64-20231215-en

General

Target: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823.apk
Size: 9.5MB
MD5: 790c5d08427133b278814a634a66b373
SHA1: ad04de30db0853f03d0481f3d9d7767b2ecce29d
SHA256: 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823
SHA512: 6b074c3e676741ce8b5d7214fe620c5849f066f2bfeb6857f7674caecb43f04fde153f27ced60eeb5979feb5750c272ce49ba2a4bd95039bb3d3b8caa7ee81ef
SSDEEP: 196608:Fdk710HuHigflHUXdBP2zsU3pAeaoQA6tDGDKHlexSKdhiU1rrsOMgXjF:nbHuHig+BPksU3pAeaoS42HYQKdhtrsy

Signatures

Requests cell location (2 IoCs)
Uses Android APIs to get current cell location.
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; Process: ir.ziba.pankeik
description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getAllCellInfo; Process: ir.ziba.pankeik

Loads dropped Dex/Jar (1 IoC)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/ir.ziba.pankeik/cache/1582435991586.jar; pid: 4476; Process: ir.ziba.pankeik

Acquires the wake lock (1 IoC)
description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: ir.ziba.pankeik

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) (1 IoC)
description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: ir.ziba.pankeik
Downloads

/data/user/0/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/4f8a0ece-8dc7-40c0-b9fc-67100682a027.jobs
Filesize: 179B
MD5: ac58f99a1b179d71e8621412ad31c6a1
SHA1: b51fdad95876f5615735c2ab411031ff67d5e946
SHA256: 9537553772c29c4303e606e458fd9598c14f1eee3cadfb446e241638bee3ccdb
SHA512: faf45d5eb4b890216e6ad33825ffc02cbc57914628e625164f9cbdacd5962ce8ca8f473ded2f56eb4d4006fc7cafa9cff8c9f76655f17f83f38d3e89b8d7e67b

/data/user/0/ir.ziba.pankeik/app_com_birbit_jobqueue_jobs/files_jobs_default_job_manager/7ea12f36-ab41-43d4-a9c4-35a846509482.jobs
Filesize: 176B
MD5: f56f328eea1d5c96a1b96dbbf59488df
SHA1: 440c784cacff61932e2f61580b7cfdc3a4943c95
SHA256: 90949c83a3d90fc0128f0d5df662aef3699971ce9e63ab067382f970cbab8918
SHA512: 36e370cf16dac8b173fa182960789974d4087a7b607042000118ce518db8f1eaf93cf4f3be42c1c26ab53e87ff54da33b4c57a3a15e5cd47f2c2b66efe8b3edb