a5186e5cd5e1638f0c5635cad4efd3b9c67e396335021a16b5ca133850adb8f4

Analysis

max time kernel
2906014s
max time network
134s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
24/12/2023, 00:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a5186e5cd5e1638f0c5635cad4efd3b9c67e396335021a16b5ca133850adb8f4.apk
Size

26.0MB
MD5

7e0f66794c2d299b5601b5d10da2f71a
SHA1

7e2a15115724f6d61483643337ef4c20f30c773d
SHA256

a5186e5cd5e1638f0c5635cad4efd3b9c67e396335021a16b5ca133850adb8f4
SHA512

af3752f4a5e079bd73091be2482c742ba6c4a0dcf86e3bec56c90404767001288284c4c86336f822cb6e305f3caa9e0c3fac80f3a968e4b11ce77ef6a9fc203c
SSDEEP

786432:1irneRp3B3xUtPwQYn3FAWDnhsZRMux8dc:4yRp3HqPGn1AWY2dc

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.canvassoft.Station.mg

com.canvassoft.Station.mg
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4505

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.canvassoft.Station.mg/app_mimo/mimo_asset.apk

Filesize
293KB

MD5
2878419a97a0ba893c8fcfcc63af1710

SHA1
9b0e4080e7ddda556b00cbab897ca325773f7d6d

SHA256
37b5b7b4efec4ce91eec09409f0689bed89051864fdb67e29013fc563efefaa2

SHA512
e2a6179083d5a425c8311f95cec54a956a3e116e08dce3c77244a955ef33d38930961b0698d7392a6b7596c1c99d03551f4e949ca85df63f51fd4eec11626fb8

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db

Filesize
36KB

MD5
5d7ea1a23af19b4340cc8d90f28297d5

SHA1
4cfe95b23a9e98378d69c4290af81b51fbe76aea

SHA256
474c4a54534ed96beacad7cc9a805a3f53ec9c0522fc7bcc59771cf500a6a0da

SHA512
33071f4c92da0a3df01c4a61dd165df7c7e0f4f37753cafe02d19fc876a5e7fcbb01c069c804e140ab8bfa0644a55f50fd1373646d1c439f817baa5ffbd47f7b

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db-journal

Filesize
512B

MD5
8bc0c65f36c6e5db5c77160be546a89f

SHA1
75f8818531a9ed0b5ecee3933d46d37b92ebad78

SHA256
b486ca5b15e2c45a6d8313617c5b385c67d36d0556ea31d56a6a18bf5bf22c6b

SHA512
a12c674f82d6d9db61d4beb46a61b1e6a4cc6cd8071d6164516b11d2a71474f87088e44f4ba843bef48c44e9be4792b31c5608b4807a72ce16b8017cc5afd07f

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db-wal

Filesize
16KB

MD5
6afacde3092c098b3df650395639bae9

SHA1
1560fef7cdd7ce2abf0304352d3bf015ce1a5c27

SHA256
84d0a8d433e08123af93a1c14a2993020dd76ef2d85e44358ce478abee27ede9

SHA512
c17309eb005181db791bb655f2c464d4c9c00fbc445a36c8501523665b4a34d6956a5b290c5a8394f9caf73ed4858e371ed0773fb78bde7fd742ebb0747e8f91

Download Submit
/data/data/com.canvassoft.Station.mg/databases/cc/cc.db-wal

Filesize
48KB

MD5
795b18261c10369709e9d4a08794248a

SHA1
9925d8f6b8496b108ecf7996c15e841c0e9d87a0

SHA256
8e809f3b002d26cfcf33d851c8f9e65c044a88c2ef05bb172e12cde081ba05ec

SHA512
e265323a43814f13bc4a5c5f02239c41ced20ec83888e040959e17e674bec658df5ce8caa619993ddb658c800e7062f35ccf98b8621013563149b9b8a1da3515

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db

Filesize
16KB

MD5
308514cb63418b6a4cbd6146cf4a654a

SHA1
47f1f9d41ee5bde735ee9184dec91c4f6d926a6e

SHA256
4ce383e558a87ee096f78b0eb488f4e115505ea1e2a639adb43c286cd8f346d0

SHA512
8a2f378e3510fa36aa302b13178760dea3a51cd27f6fa71e5bd2f7a951ec9cf232105bfcb23fb44eef67b2b9f206a4c004261c41692eb1b3aa77c09f7c2fd2e5

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db

Filesize
16KB

MD5
604266040d93371b5c18573490924f9d

SHA1
2e0318ebdfde5873a2c37b0090bd01a16fc51e99

SHA256
574d92ee2dd4c0f49fb34d719629ba5846b8e83fa97e2da2eb728cb2f574a045

SHA512
73c384554ef3cec6ac16a95e5a7dd9259a4850b58819d47b4ff8665d10ec5219d5542ca93477cc0f9778c1ce44e1e1cf1da295d250683a839e0663e28e256669

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db-journal

Filesize
512B

MD5
15a98113f0a7f928c448df8918e6254f

SHA1
e82cdd5f5abe4bfd31b619614f024aafedfc4f07

SHA256
3aca166290f685eb889766c1a46c1d7ef2aa5a20460ec3de4e625c5770ee6e79

SHA512
4821492b237552fafd30332658505ba65c2640d5bbfa45df4e32e6cfa9dd28aa28b8e1ac99f97ce6b8c402c5ba32de2b83ca9e43fdb14b1f87e8ba3c8f51d9eb

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db-wal

Filesize
4KB

MD5
aaf0ffb9ef2bfb2590c4dae19b73b8de

SHA1
49dcc5d8794541fdda700a111b7efe55a935257b

SHA256
d31f0b272f8410290b5464d11e79c3eb57c9bf52c289ee7f2728d362e88c5945

SHA512
eb36092f638e52fdf506df295b600f5abe0306da632e734271b8a13cb88c9071783fa92017c121d83655edf4b20cc9b33d5ca58ac852aaee2d78ed4d27bb71ab

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db-wal

Filesize
4KB

MD5
86f72d87016d5e010cc4b5169283a777

SHA1
a55f2e38241a4c09f6d6fa5b61953c19729696d9

SHA256
1e9356cdf6801bd16b4b3b64a8c7be686f435f8b2498a0bb3808edfe65f4e77e

SHA512
373358989f9894928aa91e906335bca28b3ef0d5b66886cbe43d7998da59e09dfc84024bb8b5e15a0f28a73d100ac6ec94e2a10601d695c21788c3857f46ef4a

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db-wal

Filesize
8KB

MD5
b1ae8e67d5892fb957fd9c436a4027c6

SHA1
27a4595c2f1a3e5a184e90485c3949f4af68c27e

SHA256
425f316b2469fec695ae28aba6a3a86101a4821315d8eb99b97bd8357ebb19dd

SHA512
d6038701db65e7cc9584285ea56f97c0eabe19fa0246a857aa0619c9d31851ebc964504504613946c7eafa66992d7168944812c9ab4b4227b12ff827c588fc25

Download Submit
/data/data/com.canvassoft.Station.mg/databases/ua.db-wal

Filesize
44KB

MD5
8da8251dfdb8760812cfc2916e561dc1

SHA1
a9a8ca0d23896918d3527400b37dd204b29dbcfd

SHA256
e927f75ef64df8b759f9b7185cf8440e0e3fa2afe04ec08ce61cd5b855879b07

SHA512
06ebfd9fec1d922a5e7642ae97d35769f47d2f200f60b86c8f3fb9d542416c76025a896da3c588aaaf6759c17c4c7addfb8c192dc69a9a1c0520df4f3b08333b

Download Submit
/data/data/com.canvassoft.Station.mg/files/.um/um_cache_1703713063253.env

Filesize
1KB

MD5
0040e61daa6e2a0683c0c86767a1557d

SHA1
27b2c8331b522b38fc8fe6cf371ef05b77a3b120

SHA256
6b1f6114663a404889d6a68e48d74fce474d6544af69234833a783ac117c5a69

SHA512
7ac19321ecf714cff0296d1e841e7ffa6bba4db837c25fbc0fc8adeaf7247b62ad58ee98ba7c1b58e8dae18f41cc60f431663d9a48244c85b63a167fb633d9f4

Download Submit
/data/data/com.canvassoft.Station.mg/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
d4973d42ba268c4326c1024b1d55f911

SHA1
1bbbed3422bcce4f94e6f7d075d8d37d51844f10

SHA256
730c7a2aa96910b696b9a0d753a7ab0b8a2d327650dce05a541c7ae3299b6c97

SHA512
61c58cd1bb6e0663f25169145cbaecfa9be42b62ebf34ad4ac43d535764b1447315c83ae43c83adeff77ecf57319269bd20cf1b84f006611bcfb42c9dd1ef407

Download Submit
/data/data/com.canvassoft.Station.mg/files/exid.dat

Filesize
81B

MD5
1402cd822b20b6eb8d584b63f5472ebf

SHA1
b53f913c69c4f8154f2174540dd503af0e79ff50

SHA256
344d82173d71957d2764078e8ebc341bef616ff12d58efe7f15e347e926319c7

SHA512
8f13ec1a115412c6973d450ad9b37d70b360e57efecd7df75b8d6d413af037e7a0ffa4e87299c4e5ae2d3685007771d21c87cf8917e4a016ae4b681d8aa5204c

Download Submit
/data/data/com.canvassoft.Station.mg/files/umeng_it.cache

Filesize
415B

MD5
a6482c66aac262c6c2a79cb7c1fd67c9

SHA1
0974e81bf72da55a4aecb17a93f40d994c4caabd

SHA256
bc7219339f481c634ac126c7990068ec356ae6889e5dadfd0b663e88311fbad8

SHA512
79a0f39ccf1050ba4c2b643ea04199254f67bd53216f0b99f38b9a55a3e07626e131e8c73cea689fc83d1f919ada53d826f29632a8076353e8702a07d19a9407

Download Submit