8bfacf9b6066875278f30521be362fe21bb31a15eb14dacbdc38acf20b24d67c

Analysis

max time kernel
2648335s
max time network
169s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
23/12/2023, 20:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8bfacf9b6066875278f30521be362fe21bb31a15eb14dacbdc38acf20b24d67c.apk
Size

12.4MB
MD5

d43b4951087c10cc240134e6deb3579b
SHA1

1f976a022af3469481ae6b8f06ef2a85276e13cb
SHA256

8bfacf9b6066875278f30521be362fe21bb31a15eb14dacbdc38acf20b24d67c
SHA512

d56f240beffdc8cc75b547cd41b59f53009470e221b0e83d52752f2b949bdecced83935b11d8b2c90b23e7c38fcd902cf325d11dcc8c0b45d20ca32eb5bada63
SSDEEP

196608:o3SBMNY2dZxPuWGWt7QejA0MGL6sW12QDp+RSholyFPhhRyo9oj3cZQhSIr4494A:oCBGYYXuE7xAG6sw+ReoQ/Lu/F94A

Score

8^/10

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.mobiletool.appstore:channel

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.mobiletool.appstore/[email protected]	4595	com.mobiletool.appstore
/data/user/0/com.mobiletool.appstore/[email protected]	4983	com.mobiletool.appstore:channel

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 2 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mobiletool.appstore:channel
Framework API call	javax.crypto.Cipher.doFinal	com.mobiletool.appstore

com.mobiletool.appstore
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4595

com.mobiletool.appstore:channel
1⤵
- Requests cell location
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4983

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.mobiletool.appstore/.00000000000/39285EFA.dex

Filesize
69KB

MD5
75a8168e7080b90fc2956592c268371f

SHA1
3702da56d31f381525473364f031dc884e37076d

SHA256
0b9c032080788add7f5989d0ce145e66a4686ff3a43b0e48dec60bf18bf75701

SHA512
33536573c834fffab7236dd96c22cbc3d075ab70b622ff7787381e5c7c262ab62e0252f0d07313c9227ccc8308cd93cd96373e57fa55a066691d5b5cfb55f5d3

Download Submit
/data/user/0/com.mobiletool.appstore/.00000000000/39285EFA.dex

Filesize
69KB

MD5
02f69eb4fe05ebc6c9f736d83e5f7e26

SHA1
777d75e14a73f5721fc4ae34f49a9a4b82311373

SHA256
13502356b7d3f910107aeff131e9c4a2b892744a125a2d1a2a206b219dc36042

SHA512
7c1f5d68d40bf37aef2e59aa9a4f96d1ef642a8db7e53295953b0b5fa3a63cd7546c5cf8ad3fc17f6b84a795a08e13024d8dcb3db828ca3fad634964cba69bcc

Download Submit
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004

Filesize
235B

MD5
a1cd088931dd2407d542421715c69d45

SHA1
a5de39cd41651ec5496b48df7f7c32275ae1358c

SHA256
81d8d43721a02d5371e9b4abef741d1c5609bc56be43de09b8084fd061c75581

SHA512
64a4b8a4a3acfd3a22d2afb93f8d6f4020994b9ad821c6f81da26c9b52dcf9c517fae56c112ecc9733405e67c6d0d47d95cad8825460185d750a0ae94cf3299a

Download Submit
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004

Filesize
69KB

MD5
7774693e3680a450675714a1c0d5be60

SHA1
9b8a835619fa8d88246e165f776445c2d3b4ab9b

SHA256
4cf1052c2b7979a5222980ba1e5744a86d479007328069e83e228e89d54f1add

SHA512
6f7485f85a841a534a7483a4bc1a498e9fa23106e94b61c23df431ff26575035dad7039e4b1712c7a3199dc7d7c2ae6d832482286adc9cfad88c79083bca2df7

Download Submit
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004

Filesize
512B

MD5
134f6dd8efcf316c45399495e2b0e863

SHA1
6ee45eeb0715b1e0c04bebad6b53cc47bd1e1f75

SHA256
018505e691276bef676da65e75b8461c791c2dea0a41a15a78feb228f9a7c16d

SHA512
9244f526e63ae35522dd27a6fe6fdd296d895cc6ef3516d9ec09c25810a973897f139b4d973e29325bf4905194b611bb7fb353dbda1b37ece69d997e4b12aac9

Download Submit
/data/user/0/com.mobiletool.appstore/app_crashrecord/1004

Filesize
512B

MD5
4ff9feea07afa1dc503b081c2412bc67

SHA1
545d7b874500416cc7e7e705bbdb0881efc4780d

SHA256
62dff12a5d06ae611e66a6c54c046f754916d49a5fbcf8245592486e420a895c

SHA512
ac38fb0fef05f687c0d060de718034c9566cba35b130d62fa910d518f9eff9fc4060b10a93e0719b6ad2e2f0c9c58a5a5a2f4460b4c6db8f5c1e50861fcb32ce

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db

Filesize
36KB

MD5
f1abc67cc72bf5fe66779fa5dd1dfeac

SHA1
660f6d1cffa2bf57ec29105e40d08ab103cf18ad

SHA256
a953ef381606a6d98d98f3278e94fc1d5b58a0778f8ea3e305111586b759c14a

SHA512
dfbe97f3c1f3a3ebd63fc5bcee1b1dd1b91dfe01ac95af8fe897f44079e852421fa0c4cf038da6e43264d50f3e612ddc2be9aa17bf47ef604ca428fafe0858de

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
8KB

MD5
a5f48278dc6b91bb9def52b02669b304

SHA1
45cbe04b51faeb213b765564f4fe421bf06e0765

SHA256
33fc556952e4475bdd0ed7d00a8d38365d005e7e057ef92d2e336c96377c3313

SHA512
a86976c3b078c652ffc152ad1d3b1e37c61427555424d263966e0239fde4b1ebecbb90776c817553af538cb60db76ebeec40ea0b64f288ca71ed81d763686999

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
512B

MD5
064d80ad95a29902328af1f8de2cc344

SHA1
0d6ca2dd4c49d947cd7386752e8bfe7c732c4309

SHA256
d66900ee2ef2e0f74495e33ab9291f46ba851b1c9c9833f34742b53b506ef6cf

SHA512
779838fe86a4e9bd3fbf8369b5a0450e920a7f7e156f163f4c45ffed9b7c9804e73df8e4a63a8b0f31b6d5d1faf7878554169e803ade2e114f9036413e5c1a15

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MessageStore.db-journal

Filesize
8KB

MD5
7a0467665789b2db87bda9204fc5ab85

SHA1
e751f900f061a449a7343706cdca95f88dc609dc

SHA256
301375333ed54af7e08f233939b5e9dbf93f490b92790cccbf94f6e642939789

SHA512
2388cf7ba397f88e8e7df0b70fb5aa4d1271766f62d528e2b718f0db1a6467099d11ce0e6d3ce20c9c1da919e1586fde79bbe3951e92784cacb88575c49ad803

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journal

Filesize
512B

MD5
aee954c92ad9573438c721a2e87c362b

SHA1
a190b6ff5902cf900fc90ab61ef36dec362887e5

SHA256
ca5b11024c1e659e5fd00b61f74649d7e1d5db92a544cb8f003a8c443fff8347

SHA512
dca63b0710d60ec13cd81d6798b35ea99fe1df16af34d27b4c41e845edd5771c325b0852ef06df0a8440f2763e3e68c86c59ac3b066d946f1a51a9887c0d6332

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
26bb27e09140d9c2f6ef91865f443977

SHA1
b6ff87cbdf7ff424e975cba48d8cfd60a1761025

SHA256
82a47b182d2204fecbe023e3d2415d37b7ddb8d3f91e93a75ca659e136aadba8

SHA512
d0e399c21e82d2ade250a9a52e192dd493caa71fdf20347ba105487845d654131bf0b0472fe9b571e6c455b1933c547e786a67d3706d3976c9c34618645f9ab6

Download Submit
/data/user/0/com.mobiletool.appstore/databases/MsgLogStore.db-journal

Filesize
8KB

MD5
d44ebc85d41489401dac06708b21b999

SHA1
d61626a64c366d16c2cca008d4ab2ec2d02fd419

SHA256
3af9459420bced64b578b5eb40769f08e2ccb2d8fd6059b2607caf450948743e

SHA512
e474c6868c5b0501e9de5dbf5a963c2843fc09b5df31958f459ba1bdbe3064b59709ae55dd7b400dea412461f859a86a62c0c0b8c89cbae89d61a9d81097f48d

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_

Filesize
69KB

MD5
41726ab1e8807a0c299866f51a42dcca

SHA1
e7c4baf0b639b568173785ba5342c36512991c14

SHA256
fbc1d14d88ce740a6594313f7b7742a59b6e2a588d848841575693785d4ac232

SHA512
24be26e4a222e48aac2e761f5d524a04a84470406a0bf3bd58fda4d48d532243baf2d9800139dbe8c74193fba5107e1a7299f4b165be86b27f69525dedba6fd0

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_

Filesize
52KB

MD5
4ffc92b87d219534f3e02ca46aaaa716

SHA1
c22e076c4319a7d1b3388c0131ece5dc9faba5a3

SHA256
a74f1102e31db574ce44150bd8aa5c5538ab36ea979ddd82631926e4a97effd9

SHA512
e7045786afb2bdc723b22ddc483cb8d8e584c1c70ce8be516f43c50e5bacc10c69b2ce635d2d2551cf843ce98642f3762a3aba0e0ac8fd7d90de9af41330cf1e

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
c735fde46a4ff61727949aa8dbb88ffe

SHA1
3887d7b395e92f8e9a389c445746fa78342b4e79

SHA256
f06a6b2d646e379509c5ba135ba6d4ec8c18724acd8d8ae58ca3782d221fb9e9

SHA512
ce643f5e7a2119f5c862e169ec0cab4f8e7ad9cf10c42e17198f21659d2e4897c1e704c6635a87446d9641a434a85fb399584ddbee0c3fcc5e7edd3951f0d8b3

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
512B

MD5
2bec432c5bdaec58a25b6ce29960de4f

SHA1
d3d048e51cb707a36b0ff17d371d1035fc3e86cb

SHA256
54f01cd72317ede86c0e99f36339c05fa6451999f3ee48390a22cd548a19bf18

SHA512
bd3c0013b72051ca8381801f8663a53bab4d968872aa2e676f0713738cadc7c915b56ea58e38133727e4d45a9a417b0e0589617b4dacd4be1f72f1cc74c84abc

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
56a08f25ee9e85b72184e4a2e88c4ed8

SHA1
e93557cc155e521fac8583c81937bc8e8323f7d4

SHA256
fd91a89fe3c226804f1206ecce8fa43136b271a22fa6d14da827259ddd3361aa

SHA512
b7ae423c4ac545fdc6796dc719ac98edf25130ea74c4bb1582338813c56f673f1cede9dbd9dbebc42bfe5c016122666d49a6d4af4cddbaa7a027aeedb49d83a7

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
3d10efb92ed109346e1284bfe1a9d1fa

SHA1
034e885cb1d9b42122771fa11fb8066c1bae9f77

SHA256
68e8036704568184c627dd720fa29e724c0d6fd259cac3786869d26727d83cbb

SHA512
82242d0f6cd59c447d616e0c3ad017b78837a8014c8e767c5286fc43c894890ff16c863439450e7fd28582ec3fab2c6b06a7853ce02253e9e970d66594b7137f

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
8KB

MD5
68c55b3174c6c6e4dec977ef33c6cc95

SHA1
f147188240f763d835a6056fdbae87ee22ec3f50

SHA256
0fca93fac2653f5af7b2b36b5642e26ff05d1338d58e6a8568592587fa166c17

SHA512
b42ab3ebd398b8520ae0d3a06863abda05df045440ffc6242b2ac3a5ef96e2e6483bed0065d2c8db0ca67512369044dbf2551ff50c803292b13bcfcd235f8e1f

Download Submit
/data/user/0/com.mobiletool.appstore/databases/bugly_db_-journal

Filesize
28KB

MD5
05aa35b962b34a101807e58bc0db03e5

SHA1
16e7b2e81e8a822fa555cdd245fbbd86f317b975

SHA256
d3233d713755d44762723408b08a180cc151d8753fb6b4815b6900c6b85364fb

SHA512
457417b6407b82327e5d0028124c1a3d342d32ddb9dca9d70c34bd1ba8bdd09a7f5541f773732236b8baf9d59f851511ce5697029413db0ed86c429501189457

Download Submit
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db

Filesize
28KB

MD5
2d572328c4c5566f8c867c3ef352d28e

SHA1
d3a7250afa0cae72ddf52bf6204632a59910abbc

SHA256
da2f435b4c4f110c3974ce7676538bb251adbe5f3110e300e4a9203155632015

SHA512
e6190f1c21afcaaeb3c19d6f7bfbbae977ffdbee558848ebc6d0fa1f300277be945898d23f9d75a42cb55e61728a35fc13ae7ecf01452cb6af816f7907c32ecb

Download Submit
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journal

Filesize
512B

MD5
313c8e319e65cf3c30caa7481178b02e

SHA1
7c50ba9ac0f687fccbde3ece7f11dcd2ddd28109

SHA256
e26a2a2aba86f0b9030c677b8707a8354fea16469b114bcceb90ddb633e34ece

SHA512
1b035b19c81dc431717e0c9e05ee6dd3e3b33a89bbfbaefa500dff7a5445d454ae5fa659bc585e0e3636b2904ee7374231c057b2650ecfb2319fbe7742717fc9

Download Submit
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journal

Filesize
8KB

MD5
23aa7e879c77f8b48c09f09809cfccab

SHA1
45385eafb37d558887bb4bd61f10b2231357d64d

SHA256
04f78f35e38e017e57b7008806b935cf0e1b1bd602379db3188390db8d242bfd

SHA512
4cc67fe5b6a65c6684e9c846f16f49cdd5e77cb872ed4e7b229bb0427bbc8d141e1d09ecec921417101bf4097e535cf60c825e133f726e1f70552b19fdd772a7

Download Submit
/data/user/0/com.mobiletool.appstore/databases/downloads_classic.db-journal

Filesize
8KB

MD5
d24abba52279a70d501d7df68d588bd8

SHA1
7ca86ec973cff5639122ab71e7285f19d9bd9e29

SHA256
c75bc1a1d1621f7153d0058cb3c682a4367f9c906fcff13f54d7e3d720d365a0

SHA512
0f645d856afba059d3159a2ae037823092e4e742d04c8f464d513d4cced3d2be3b4ffb51c357890c1b1b35117dbb5d98d3b623f58cd5647cf98eaaf68abf3a85

Download Submit
/data/user/0/com.mobiletool.appstore/databases/message_accs_db

Filesize
36KB

MD5
7c0b5c6d1120bf3635cb815eb5e29f28

SHA1
cbb58092e164d3d098e750a608f3833f85a06476

SHA256
f2434b69ad5ddbdeb3796b9e34fa428cf6fc31bf987dee42c12816e3632a128b

SHA512
151d69445e8311fc78f40b5781e2e1f1d631e879e87a08d1076ac69d7ad5bbb8ee017fa4d5be934f9eaf1cd3a0aea87c40be405c2a601a845820d73705ec7a36

Download Submit
/data/user/0/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
8KB

MD5
82cac9778f7a10d95d40c1c27aaa6154

SHA1
7f8ad318c25cb1191b98bd25b90fbe24a38a45eb

SHA256
efc320adc3bbda5b7137b0a06d82c0839babc8669f5012b5132c4fb9703fef0c

SHA512
77590dc096fcbfe2d8d97290801655e31becf5fc22bf897bb341b1a6d65561ea0006281445c499809079cbee02fcc4132ce711e8720ca1a54d79ed67af74a374

Download Submit
/data/user/0/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
8KB

MD5
b57b7b081d44a276487b0be4a1d963fe

SHA1
3c640abca07ebecf2f1445bcec87c2f174fa6964

SHA256
a896d98ac01d02048c9b5caec0d797aed9820ec04966712bb107abcd6e1dd92f

SHA512
cfcb88a216070f04ef5f4f3a12ec2f98dfe14de5f51fb867cc0a0caa1c4fab0a0f2d96eaeb9cecbab6076329d889af3f226906072a9fd93254495ef297f0ab6f

Download Submit
/data/user/0/com.mobiletool.appstore/databases/message_accs_db-journal

Filesize
52KB

MD5
8de1825ac0811e6ebbb3e13fc386b880

SHA1
64b9d174343526f2e838fe8d57b40f6cbf398326

SHA256
8e1a51acbaf0723e6860fdac52607a7fd7e0c5ff3dd88c384023910889898154

SHA512
6583bc67ee4d11bc30972c068a7cdb532d577dbf0c6df2ff30f53674d462dc49f943e132b78ab59834448f1ce61c805922f213101f3ccaeade51534db76d204e

Download Submit
/data/user/0/com.mobiletool.appstore/files/agoo.pid

Filesize
56KB

MD5
861548b036bdd64e75941aee7a67a9d2

SHA1
5a6be4b134083130123e103fc273e10da3453e65

SHA256
e5d263a94c79f77d4256fdbc1fae32dc25b61c577aa36fbebfe71e670077a769

SHA512
a96ba270ec077aa985d4a24fae666ec4e65d28ea04bdefbf42aedd1a257869707be31887bba9ef2bf636cd30dde78304bafd6608c4822360355e6a031f3e5cde

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
d5163dd91d75b120a431024394051fdf

SHA1
60f24dd4753435eb6eaf1fd4138ad44c3a6a827d

SHA256
98c138b04373ee13baa22812212064ab0542cd0ae4d5f548341a015681c8a762

SHA512
a62e4b007ac96c15dc7e13933a5030f0d29f6c2871284f39446380a9a7c3148ac0dfd03e2253a62f20169cc1518ae6b8045017f9d9f5fb30a3f79275f47ec685

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
8KB

MD5
c520820157c36640fbf15aa2d66d3acb

SHA1
464dc3eaf7fe92e81219dd0cea085bc3cfe3a011

SHA256
1a5a38509ffe63ccd9913e1afb09ecf4b5b74f7ba27bd41aff18c1ecbc9457df

SHA512
f63d10a10ace9864804915680a3b586d9c34c70696f4a169cb3e5245f4a2a7eadacbbff9643e792de7bec98413b4462ce3ca6c09f91cea3b2de9923374f542e2

Download Submit