e7094944836b24a76fd447f535f34c05c9f34ae8732e0d48b1d1a029ae23f0ac

Analysis

max time kernel
3092270s
max time network
142s
platform
android_x64
resource
android-x64-arm64-20231215-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
submitted
29/12/2023, 21:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

042f52c2e85f4f387ab2b7a802ef518d.apk
Size

29.6MB
MD5

042f52c2e85f4f387ab2b7a802ef518d
SHA1

f0a9ea2c7bd32cedfa598c84a14395cf9ad6b5ff
SHA256

e7094944836b24a76fd447f535f34c05c9f34ae8732e0d48b1d1a029ae23f0ac
SHA512

413f9e5b3604f4b71fc6b477ad9159326d5cd6820482d9e7e8c1ab04dc8ff1104d3f3a95d0a689bd8738fb036381e9b19838c5514076f1cc4b521b2d625efc91
SSDEEP

786432:GHn2NBEqSbnRZWWAPV86fNtnHm2SybqjbAnqYIhTynaeTTcHf4QtrxrGgO:i2NBEq4nDpA1VtngQqPAqeDgHf4QXrk

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 6 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.desirepk.mountain/[email protected]	4753	com.desirepk.mountain
/data/user/0/com.desirepk.mountain/[email protected]	4753	com.desirepk.mountain
/data/user/0/com.desirepk.mountain/files/ee.bb.hh.az.jar	4753	com.desirepk.mountain
/data/user/0/com.desirepk.mountain/app_mimo/mimo_asset.apk	4753	com.desirepk.mountain
/data/user/0/com.desirepk.mountain/app_analytics/analytics_asset.apk	4753	com.desirepk.mountain
/data/user/0/com.desirepk.mountain/app_analytics/analytics_asset.apk	4753	com.desirepk.mountain

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.desirepk.mountain

com.desirepk.mountain
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4753

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.desirepk.mountain/.1/.suuid

Filesize
72B

MD5
d4eff6fc90d64669bc2163c0bdcbf78a

SHA1
202aa9dc3288cf0a7740eed45708dc13302a8411

SHA256
a4288ecaf8f8147aab7bd81da150567c00befe9eada62b384be6105863eb1e38

SHA512
e299d68e6b62890e5bf6dd369f9fc2b7725c0d91920038c2697021e34231d649ce66a256c37173ee3d38eb6565160a3d9d8338668735e8c2a981fbed9df21562

Download Submit
/data/user/0/com.desirepk.mountain/[email protected]

Filesize
177KB

MD5
8f6af1190e999e3137588c8aa2c00f74

SHA1
253f9a6d609e168cd6f2665ed174a0d3aa8c97c7

SHA256
028fe456e3c7c198e8d1a3efc7fc078da9ea58d4951b7ec0552204fcbd714ecf

SHA512
460583c4edab14dc510d41999eaf9a21d6733523038940bb4ed84c10c30469e4c1691fb331ae131771ce2d86d31273cb0e4588cda94010da1c8ffea4d6e8ed06

Download Submit
/data/user/0/com.desirepk.mountain/[email protected]

Filesize
360KB

MD5
1c1683a76bc964905cfb038b3b6e0bec

SHA1
452b01977f90711e475b05936f8fd56dda92e82c

SHA256
19fa90985c505379181b025fd305b02fe60b4227a136af6722cad4e6c8b377be

SHA512
71590b7a1d77b2d4a4588d503180975432cdeaab0c40a84dd4af12aa4cada4218465829f40016a45f354df749645c2cea311e36eb3e3e1dbc07884b6b3699682

Download Submit
/data/user/0/com.desirepk.mountain/app_analytics/analytics_asset.apk

Filesize
159KB

MD5
d2e90bb505f20fc73baf25805b0273aa

SHA1
240fbbfda194a65761baed6f3546bc4c744a1850

SHA256
77060ad812f5e6e9e896c39bc548f8295238eaa9941e1986e8e024e7d2114309

SHA512
c2ef3f79b6cfb171b0904ff8138238cbf985344d91d6d9ec35472d14233d1b108cc0234259e8286cbb099747cc8d9d2f74c8c7394ab3a6dcfc2cc95e168c8c85

Download Submit
/data/user/0/com.desirepk.mountain/app_analytics/analytics_asset.apk

Filesize
132KB

MD5
6d363f8778efe0e54f37ccce23d16fbc

SHA1
11d186169520c633d09a1a775747ed0fe5181c55

SHA256
b1b9b928f020d1ecd232211f2733dd1fc640f5101db35794ef43dca96766aa55

SHA512
e375c9d975e4c44d7424c43f7c01cdb5db474a71c4658ca1a021a5cd3265a8e5027f671f3d04ddee962a34f65ae4eeba5c45c36c286a8016277993a1d6931cb9

Download Submit
/data/user/0/com.desirepk.mountain/app_analytics/asset_lib/libanalytics.so

Filesize
105KB

MD5
cd1cdef06a5e2a33c5c9e7d4a6cb915f

SHA1
8df09fd32c4fa6b821d9dee89a4fcbf7d32b9b02

SHA256
929c2b04d1495dd1a8b8b72552daedb5d8c385526fac224f5e3c466f748467bf

SHA512
8518002482356e5caad64d33f74172f13fdf3150a05d3dd20662bac8e3ff3e95986a5a7331fc60753d6db8eb5aa3e0779127946505d1fbd03e197359203f88f1

Download Submit
/data/user/0/com.desirepk.mountain/app_mimo/mimo_asset.apk

Filesize
300KB

MD5
bf0be21e40885f5f682349db415ba2f8

SHA1
823bcad773983ab798565f7b64b95783dce14d80

SHA256
aca4c8f0522c09a77bcc790b10c772611525456cc88da97b0240ffdfe1c4a2eb

SHA512
3c837718ddcc19885e00d54f9b7c336d83406571affdf64411e85a1ca317d67399e1cd56c5472a725568897dcd45bc5d94b87747be72b15e37e565034544be81

Download Submit
/data/user/0/com.desirepk.mountain/app_mimo/mimo_asset.apk

Filesize
504KB

MD5
5a15af670a78139158914e6c23a74dab

SHA1
86ebd3ce9d7b325aaf25daa601b79ef10bdc0ac4

SHA256
454d49ed08121de604effae547020357ca79798a558451b688481aea9c7383b2

SHA512
b8b6e18f68edeb80ddc14ccdac1ecc8e0523083f55da52da4baf86a75d255cab1b47e25265e5e5668c9ba583a18feddffcd41db1dc2fe0945e2c1b723421ce1d

Download Submit
/data/user/0/com.desirepk.mountain/databases/bxshieldh.db

Filesize
20KB

MD5
0026c77a4441834a7878e1af348d22b2

SHA1
d0febf411c30efd084a6d48dcfe7fe956ac9c4d0

SHA256
e69451a31e11dfbaa72f5b58ff84687c0ae857a42c944fac2dc7c5661c8f48b5

SHA512
f0bd472b5482ce923b2ba0dd0869a0f585c906dc8b28d0565087491bff45788c588c0dc445be0e22cd58e33fc13d31c74429c370d70c12247d633629198f2603

Download Submit
/data/user/0/com.desirepk.mountain/databases/bxshieldh.db-journal

Filesize
8KB

MD5
fe230f4aeb32d1e8ec08cfa003362f04

SHA1
8bf49915acf54a8ab26d9618bcc784096016a154

SHA256
059eb2b4f9a97e3135cd4a78780d595ae12ef81d27a46a0044e185da3c7d6b57

SHA512
ddcd9d2c487f62e529b309d975879e458d5934a8b7f101cbb486d6d3f29edbac1fb917e44ddbbd7226de8cb61d8922ed0285425b74951f0c60bc9221ddbedbe7

Download Submit
/data/user/0/com.desirepk.mountain/databases/bxshieldh.db-journal

Filesize
512B

MD5
ad14ec5a994da495f21b544bff54d230

SHA1
424e60536741888db7a84b8ec510007c78f6a596

SHA256
6b4526dd1505aa64164277e3b11b6e0330b1962bd8ebed38ec6a2fac24c6f4fb

SHA512
244250487a234721d88ca5fcfef5936474340f6ea4482842f39a9d1ecf50e63cf25de7e50464be0234599940c0b3d188cd8145a6ed30e4ac108ebbab0d05c2fa

Download Submit
/data/user/0/com.desirepk.mountain/databases/bxshieldh.db-journal

Filesize
8KB

MD5
c9f56296f1871d1e4a9d646b755fcc28

SHA1
0d2b4719c3563d13450f95d56f91f934b2e659fc

SHA256
c1e01f92180f88811bedf640b8aca2b0a19a30a8eb445175fc556dce2f29ab65

SHA512
5a2a08acdb593ac1585e3d545c829e5b8ee4d7bce7fc7bea2edec4802c76bb2e5c695daa4181b38a62ab0d344efa4f68d1c13484316fc4e1cb5d4ac2f3abc9c0

Download Submit
/data/user/0/com.desirepk.mountain/files/ee.bb.hh.az.jar

Filesize
371KB

MD5
491e0b4792bfa37d8a62d74aed3d3094

SHA1
0c33eddd2aaabd17515cc55df6ed3cd770360177

SHA256
2398427507496d0b64b05df4c75f8d445f94452635c4c88bc59bd00405b32837

SHA512
db25cb33dd9e4de2f3f724226699c349189252dd56d207568bf3a6d2e99f345acc4395aa0df972c74f2eae0842535cb9d0822c4186a1135c016b29313f9845c0

Download Submit