7c0cfd3f567d4c897b18b861e9fbb9251b979e67899d4b0f877878b3a74b60d1

Analysis

max time kernel
2722674s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
23-12-2023 19:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c0cfd3f567d4c897b18b861e9fbb9251b979e67899d4b0f877878b3a74b60d1.apk
Size

15.5MB
MD5

0854fa676c4a280f8b87a2069c543b0d
SHA1

32d82f5f274abae4dfa7e78bf6faa12b8fff1446
SHA256

7c0cfd3f567d4c897b18b861e9fbb9251b979e67899d4b0f877878b3a74b60d1
SHA512

abb130aeb6ccd2a5e2ea21db53257623f2d58f4aa68d158c479aa0a34d5f4be3b4f632de2819ead9baf770f08846f02403fecc4d6cd2e0c61c5686181a730ee4
SSDEEP

393216:S+v4w7BY6BOuYzMBPol+clxeYjQ/w21T6sZUoRh7cynPS:S+QaBYkSAql+clxxiw2dyHyn6

Score

6^/10

Malware Config

Signatures

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	air.com.RustyLake.CubeEscapeArles.xx

air.com.RustyLake.CubeEscapeArles.xx
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4253

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/air.com.RustyLake.CubeEscapeArles.xx/files/.imprint

Filesize
926B

MD5
07587d5ee255d064db91c521b8e2a70a

SHA1
12b70b1dede4406b9fa09876d720deb2948b9084

SHA256
b2042fba3c79ae250b36e24f96c75a93c4e6e99f86731a477794974e43aa88ab

SHA512
c3eabe342266d36961b60a4066f9a4fbb769ae0a448dcd19c7c3e71a376c736bd173a8e43754f755b028440c2aa87921b6078c8a6e9b3eeaa1234dda0a4a2ed4

Download Submit
/data/data/air.com.RustyLake.CubeEscapeArles.xx/files/mobclick_agent_cached_air.com.RustyLake.CubeEscapeArles.xx1000000

Filesize
2KB

MD5
c14912f928d7d225dea2f54ca9db37af

SHA1
496920f2d187cb373ccaafdee852092ff33e5696

SHA256
fa3a932dac09f21d3fc204673f24e4ddfa3676615ee37b33f1757f5abe6f0e0c

SHA512
673cd5e34feca6c04d62cae947e8811479627a6d179bf0c0f4c6697bbc0e17019983203ee7f4e4871096fbdc0d0ebcce465b2217afd7b7b50da0164798f2c336

Download Submit
/data/data/air.com.RustyLake.CubeEscapeArles.xx/files/umeng_it.cache

Filesize
310B

MD5
4fe27523d9c68134eae81f17198524b6

SHA1
613d46293c9d6b94da54f2cf101f0f8870b42bcf

SHA256
8574104538db9e3e8835f16d8ff13ca1eb341850a1d98894a48dc3544ba55979

SHA512
d30d5dab55d1940f0660cbb1eff71742b76e96bd304452ca2496306c8092e0e4d9fb2da189054202205cbfb948cd401c82a8ecae3aa04abf303f07c85f2b202a

Download Submit
/data/data/air.com.RustyLake.CubeEscapeArles.xx/files/umeng_it.cache

Filesize
158B

MD5
8b6570f6963d3cdb49bc717c894323c9

SHA1
3910bb18922fdfe14c4a51103d6a647973d4bdb9

SHA256
8f3747fcc73355f7188c7e97e8dc6b7bfd0afe98a25d4826d48a2b114d879a8f

SHA512
222049fb818bc984e5b9170b463724d25de202f27fc734571c81bd949a12f7a7545b110023526bba9e57a4efd4a6a720d36aee86d1629863f89ae93066bf67b6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads