89117fa84a826f03f86968eb61a3be41e074a57a70a721d4345c8af2a60da431

Analysis

max time kernel
3272322s
max time network
131s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
30-12-2023 05:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

10819b1f275f54788799d78ee5e3b3bd.apk
Size

11.1MB
MD5

10819b1f275f54788799d78ee5e3b3bd
SHA1

a7ae0f4b92fac4b6c03a3f34177a26670cc3dbb6
SHA256

89117fa84a826f03f86968eb61a3be41e074a57a70a721d4345c8af2a60da431
SHA512

b1d80d92e318c97b045ef6e30fbe4113903908ab1cf50becd9ee0a2f9ddf3def61f15a7f9339c31076c49091309c9421edc0462c0ad3e7deabe9c3057058849d
SSDEEP

196608:jpRRHq6AVmT54OPGA1NrMQLXIZoRsW2rV2HjzKBXiz18McRqkcQG9ag2WAWLg8AY:t1zT54+GA1/hoEPc4+MUqafAAaD

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ketchapp.elevator.mg/app_mimo/mimo_asset.apk	4517	com.ketchapp.elevator.mg
/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk	4630	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk --output-vdex-fd=90 --oat-fd=91 --oat-location=/data/user/0/com.ketchapp.elevator.mg/app_analytics/oat/x86/analytics.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk	4517	com.ketchapp.elevator.mg
/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk	4517	com.ketchapp.elevator.mg

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ketchapp.elevator.mg

com.ketchapp.elevator.mg
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data)
PID:4517
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk --output-vdex-fd=90 --oat-fd=91 --oat-location=/data/user/0/com.ketchapp.elevator.mg/app_analytics/oat/x86/analytics.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4630

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ketchapp.elevator.mg/app_analytics/analytics.apk.tmp

Filesize
333KB

MD5
ca3181d4b46198a350caa06164174d95

SHA1
757c9c47775c5f746e85c89a217b4899d92456a6

SHA256
dd2f890f7fa8b4ae1a62cad8f477affec9c5f631c11263f9640b3051e341fb9e

SHA512
f61523902d25b3d8e01436ff35252f613e7329c5eb581c30df41dbb13e8ca03b84e273907b32cd601f10ebf7c0f98f4b26c293f97fe9dfb5fcefc47fb79701d2

Download Submit
/data/data/com.ketchapp.elevator.mg/app_mimo/mimo_asset.apk

Filesize
59KB

MD5
bfdaf70816ef3db19ba13a2bbd711d2b

SHA1
259e71f52cbfb7313b3883783ac78f57b5cba974

SHA256
f9619a1825d242aee3ab0a764344b1faa5b5cf287a9da6ddde73ada02a8ad8a6

SHA512
b0eadf2827ca93f40deccae958e6218548335cd16638d22b61f919d882317958feae44fb14570c9e5d1d1da38397aaad83d92047fdf7e04669ec57b33e51cb4c

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/analytics.db-journal

Filesize
512B

MD5
6fd2fab1cf2c16819f01806bc9cc8dc5

SHA1
a300a4a0efc0cc4fdd87f760a238621b8e13bb79

SHA256
496a76d2f240568397a0eb8e811b144923dea518c4f6a1f46d419aedffc4051d

SHA512
30a3c013f5fd6bdaf0a77cfe3edda38e17b73bef03040339417e8d8e5e6a6a83df001c608e33c05051b10d549de922be617aa62d6764bbcb9f152b48cff0bb69

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/analytics.db-wal

Filesize
28KB

MD5
f459ae77923ca0118c19908f73a2e06e

SHA1
9cdbfdcb5a0d7b252c4ca453d8e3ac02a0c46adb

SHA256
d9c9f1896f0958a2e4e8887ee61e29ce145889e89a033b7b9d287f8abb55eecb

SHA512
0f47ab1a0f2b3ba0962bec4fa627cd9ebfde7a0478be1566a95ff75ba8c12f55a0fced46a83c2e9f7e70daf674ed8be5e750788b6a34b787722cb5042e5dc126

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/analyticsv2.db-journal

Filesize
512B

MD5
347a00597f7e3c5e8a16b880dc5d7edd

SHA1
3eb94d23508e2d5f69d40c21815aba8278263a19

SHA256
2f447dede53c766118f14423f18c0ec960bcf9ff458d608e700456294d512891

SHA512
4b65eee24da64faedd0749e24e1d3e28e547875754611294e4e8e70e3a7048d86bbca397e7991394fde969686a69de9b570603f50ae377ae2ba103807701f5c7

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/analyticsv2.db-wal

Filesize
28KB

MD5
04e05c918bd94076e3a44f3047c85a75

SHA1
e4018ddc0a8f34154614d26f4447cdd3ac43fb2e

SHA256
1306d7317727518c3ab7b65af25f4d2d1dbcf8100ad4a7cb81db25b6308da8e5

SHA512
88c3276994cbb976d13d0fee2ff71ad7f580e113cd0cb3ff0cc93f2bb26717b9b3618a2d52866f4fc6755c6bb0be35eec8dcbb8d4c54feafa113e36a2cba5c66

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db

Filesize
36KB

MD5
ce6135aa1b1fe4f2c2db2a546d2a5558

SHA1
79b59582154017aadab783dc266fcb158c252940

SHA256
7b45f576c08c7f78220168cca4a0e33198b13e9bdc8b1da406ddb6887412000c

SHA512
2839075fe374c8567c839ae35ce2d33ec72fdaebf170aa7d224b555e5b0e74d4a43f2f67d17ed806dae841da883e9620d788ea052d06152678afa927307c7ce4

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db-journal

Filesize
512B

MD5
4dbe6b6c04a18ba8d25413c8efd78f0b

SHA1
b482659355e1ebbb9b2bfb380adb836b5a04e96e

SHA256
85c736a66e8e6515a77dd87ab18a90225057dd283810ecf1d4b39411384aa5af

SHA512
1f49ea6bd0d6dda2861e39c4838b46d5215eb87b1300b72f6e9c4b20abcfc9825671c3b60bbbfcb637ff33ab464f3941f5ab59e7c76d153286a63612ab7b4090

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db-wal

Filesize
16KB

MD5
9c19b16f4b543b7f1bc78cead28e289b

SHA1
a805c50f44b4028e5da71be79a32d99dbba4a67f

SHA256
cfcc1e97e028b597725c6919835701e3c4543c0e29d55156ed4cd285658d5e10

SHA512
562169244f23bc164312466cd271c3683d131b2f1aa6d999a2b68759f80cded667aa2362b5435bffce9cd8005e36943d2d55a6f103af0636f040856224102665

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/cc/cc.db-wal

Filesize
48KB

MD5
0dbca68db1914049b68ec69378e95475

SHA1
bd459971d206295dca44dbbf25140d098aca90a1

SHA256
a6fd41633823edf42720d2222a93ffe54e60086c43fcf9199d0c9eb4d1ef99b8

SHA512
a39dd49ce4b2edb3e746ed44954318f74a1dc4795781935f8ee1037feb2eefb30b7b8f297677d9ea3fc84c26260850db223e1830ca905cd2dd456ac3e7216670

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/reportServiceDB.db-journal

Filesize
512B

MD5
ff226e1995d1519829e82f16227c1dad

SHA1
8cb3fe0e772d65d491ffcb580bae58601e373a7a

SHA256
c337371ab742eebabc161c5e21039c53127212955e60c57f3f1020c639b51d26

SHA512
de67c34c899dbb5e7e77225e3ec3792a4a9be4aeaa269922a5767dd6c10457e53aabaf2fba81de0374c99b700daaa113ba6b5a725124502565a7435d77317373

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/reportServiceDB.db-wal

Filesize
48KB

MD5
5c332ae2e2b543bcf60b3a24790e9d6f

SHA1
a060dedea56a905ece59a3671207c8bc4d8bf392

SHA256
20dc323cd25c8badffa99e63bfd092f08f3011fc6aba12b2d6ce427bc2379843

SHA512
ec3cee5ecfc94d6b544a69b2f436bd5b9cfd41c29616d9704df929159be89621895a722b68ae2347db769b8195e4e994730d0d65590418cde9bf4e88df146cf9

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/requests.db-journal

Filesize
512B

MD5
892c76bdb300bea3ca4e4f27ae467544

SHA1
b28b5bbfd7f1e3958fed2b2a4a392b3252e6e334

SHA256
05dc5a1fe82fba8e0a289ddaa6d15246415c75085d5cddd89189d378de989da3

SHA512
3448670b9ae2c687d3c3e8b5cac61653523ce2aaf276fd8833c5db66ec1a7719e863388b6c477426d5dbac32f371a478df66d1d1936680f2941a7ad0c70c9a29

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/requests.db-wal

Filesize
28KB

MD5
4b10e20e6150dff7558cf7523fe18c23

SHA1
2b234a523742e922d1c9e695c58b0ce8bd85ca4f

SHA256
748291e634a255e3347db6f148b4eaefeed43a7e8391b55a3dc0d38cce16328f

SHA512
2f567a8ebbbd0377d9e56824c5b1332b673a27d773ad69ca3931190399a8aa6656ddf4a2924ec80aeb0e3cd7a807d0ddf1c99674d6bb4f7361976840be206b38

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db

Filesize
16KB

MD5
6e5bf28adb526bd6e9fa58ca2738557e

SHA1
1aacfa3d3bbdcc9a509b648771b8ca100cc9d0c9

SHA256
886034cfb2e3da9b64b48fa7974ac567be4d101bf3eae3605e68071e5b63550d

SHA512
c396601e006db46b090e396080cd42482a243f97874ed315a6e75a4e146c044235270bd605933c0ba48afd7f23042baa0f3cd290e572adc7e3cc6e5cfdce9ef4

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db

Filesize
16KB

MD5
1ad224c676fbd4847cff19315cf6038a

SHA1
4bf6210b49dae3da18d6a1241f1a86a77c313d1b

SHA256
7203bb34f7d0fc652d8c85eb8cf409add11ee8a9a56d49c8c1ee84ec52a3d151

SHA512
76d52a93e45a0dba157eeb1cd25b82a668582d444a261e4a9ba96fab6c2d5535d20af554071116d4fbc5aa3d6435f0766b9c190efe45a5be38a744f6cffde0a4

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db

Filesize
32KB

MD5
d604a3bf1f8d992cc320ea5b1f7609bd

SHA1
247f88df0b55c7d523ea5398637711a0e4a483a4

SHA256
329940b4d46326d58e73c842dd099704061d0ef7338777bf31ad895f29013c17

SHA512
67e28f6713cb5c238a9664df128f01a89a2efb7c8c9330c1e45bc0d40ebab81fa20df5166743d84d81dc0386a89ff0329f022281c098339baa2e851ff0a1e1ab

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db

Filesize
32KB

MD5
c971c1f9f7898e4c46842f3258969ca9

SHA1
afb39828ff70caa9291155fc9f777745f4bba3ea

SHA256
a53abc0671a55aad9f7ed1dbc2e286c61c98e84e52f3b59cb9a9a384a4113e0b

SHA512
a96a1d3d547866ffb8057f67e48f9e7233e184b644075e1b6406ef4923b68c78360849e4bf39e2115223983947e84c7dcabb005691405cc8cab92f3cab59d10b

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db-journal

Filesize
512B

MD5
d8168fa7676703ab1654d105aacf8f67

SHA1
ed0331bed50183da4abeb7fedee796f4e32f0da7

SHA256
c8dbc19ed1ae4f06bf2bdcb5969b1db1879aece4056fd88935e7c01f701ea952

SHA512
2b3281aa3ea774eedaf8e3a4e7e71969f17e5bede64a1fee2a385685f9104414f1dd7cdb4ebcc2d69b2148a32857d8c0275cddf71e88381db188f2770792bdc4

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db-wal

Filesize
4KB

MD5
d590c582c2a0455da08be6b040f5b551

SHA1
4a1720900f8b42ecd4c498a596fc1a2a0583ddc9

SHA256
7edcb7b05444cc946754fa0aa1097f4a27b21f62bd34a8d93377c4795118e098

SHA512
fb4f030e79115f28ca9b532d8a49c6be05c95c7c73bd9a3a5e4ec679787f96cb3a78c3a4b9797a3dbd62af76410d9cc0184e6d87423200fe17ca9e5d911f4e67

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db-wal

Filesize
4KB

MD5
2047d3e956f0a7e5bd3b78daa229dd01

SHA1
f9ec943ce1f616461c27dd1899defdfee9a78e72

SHA256
46f2f7d0f26722da768072fa4ffe66126b4e7c65b88274a82e61c6ae07770b38

SHA512
0e7db80bb4593f2a8e4e39e16bf7d9ef24b4bad1772a6ddd3e5b29bd244a65779ee1ee060752273108427e952f98c437dffc3b2585774c5b0473ee7ece3bd448

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db-wal

Filesize
8KB

MD5
8cf5480027f1fedb0fe1f75f65554932

SHA1
0b157b521c95f8b2750aee8c9b70f116f60be29d

SHA256
f6c6ef6a1f7bf1e11366e4d87cc2d88abe2848ba3fa7dd3e307a7a6b239560af

SHA512
23cde74ace21b427b98e91b7733a7ff83998002ef23dbb32f817f8df2fd1282cedadc60f49b3bd4d7002e6e0078b280e906ee09b9b99ae9ee05d2443d36dd5f7

Download Submit
/data/data/com.ketchapp.elevator.mg/databases/ua.db-wal

Filesize
56KB

MD5
ee93b7c158a87b0a08402ef0b5c7afa8

SHA1
c3bfb020e1a38ba84906bc759beff3b07173aa76

SHA256
a2d606f412d9bf8c695ce86d8ecdf745caac3f4e5e6e4e1b49c87b6d95e23812

SHA512
27574e1648182ba7c322b2042fe0215c84eee97f39daac9ca14618875f1b1a962b1f2234d2e6ca10a7417a4febdc1843dd35f446750198cacb675db35f92e978

Download Submit
/data/data/com.ketchapp.elevator.mg/files/.um/um_cache_1704079371340.env

Filesize
1KB

MD5
4fe824893f8a757b758620c0b360607d

SHA1
1bb7cddb7713e4aa0a336253fef8d24e1bb8c73a

SHA256
4e94fbc69d4136e3741f8e396b088bf29ab98ad7afdd9d3da70921c464f9fc98

SHA512
c9c5e0c6f2a6723ce028a01f5f2200d7d2ccacfe8749a3bcf9613e8c5c001df48488f87c25d79226381614932ef54637a7c46b23dfe8a5b3403c82432c71c74d

Download Submit
/data/data/com.ketchapp.elevator.mg/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
e28a81a701cd5adf68f5509d200e87e4

SHA1
f3539df00a2e563238abe1b01e71a81c8f023340

SHA256
e41171feea294a21f1deef87ba377c58ef1858f90e46d50bed13ea01fb0ffa43

SHA512
faadaeafe5dc63e5306ef2e9dbbbf4cfee4dfef134a5e8f2005ca6347144b2c9c398e056c257e18c73e44fe7c3ca5cc8dbddc7fc7ed44c5e76c0b92f892e2f69

Download Submit
/data/data/com.ketchapp.elevator.mg/files/54db829f09424caad69f7fb9350fa48d/policy.cache

Filesize
12KB

MD5
f0326dac3bd2b30f8d216ca46622eb2e

SHA1
e34cdf9529a96288d206b07c5078afb012be5b7e

SHA256
c59de2f2197323aae35f444e18f7f5d7ae2967cc486b0297bceaf329ef8dfcb7

SHA512
b91250a4e5cc4c2464657d7d625a3d19144b321fbc091041bae340dd8f7a27712dbc0c5961d50bc039471014c568fb06df9b8305f20e4ad08c65894e56b4c49b

Download Submit
/data/data/com.ketchapp.elevator.mg/files/a194a0a7214f6cbda0672045c51505d1/policy.cache

Filesize
13KB

MD5
04ecedd182ec514d1a60d8d2ac199148

SHA1
3cc41071881e11ef4a5e8500ba83eb91e0502aed

SHA256
690fff1587a5f29c71dd12bb95f7c8d0d25518679ef90c9a9adf8c69ff5f18bf

SHA512
27a2e1ea979a0c3568064028558da583b72cdb5133442cbd5434c497ba0d2ba7a0a0445dee5657c4ec277af119b820371e03ac4c799eee93731b12379c491837

Download Submit
/data/data/com.ketchapp.elevator.mg/files/exid.dat

Filesize
80B

MD5
f1ad34c81c14266d0ca3465413dc3514

SHA1
758f3ed0509f45762c197d26fca08eee67d547e9

SHA256
41fa61455fb040409a5c2b253194afd2de9f77d7e1523324b7ff9bd3d02d397e

SHA512
fd206d7a499611e3ada7fba97243eb275b19fc6ee8acffe21546f9480a5b9dcf21fe923573632d8aa21f0d27e20330e9166c01c3d9dd4df730abc96107264ffd

Download Submit
/data/data/com.ketchapp.elevator.mg/files/umeng_it.cache

Filesize
415B

MD5
31c84954fe330ab8e061c222cef25ad0

SHA1
5b742b99d5784168532a4b6b762e36dc98c4cce8

SHA256
2ace640b6940fcda9f722f6d4eb6c13460ac4e1512f0006b2f29fef898729577

SHA512
58f10dfde17f461592e1e78966615c2177be4b2ad875133d4e17e440857404e31998ed04788c2c0331fd46d0641293ae41dfe94729a74c7a4be89767d7383f89

Download Submit
/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk

Filesize
754KB

MD5
2dc33a61f32c03ab8e72a94e353fddb7

SHA1
26f6afa4a496e8d6e87338024d8d9aa95d143f4c

SHA256
8cf83b2fd556172b0751dd214a1d1553b8ccac2b679e7c2d5e01d8f3fe7126f4

SHA512
b9e69335ad64b4b1509fac513f7ae3569ae849649e0125badd7605590008c12d2b32785c3bf7ad7f0f63b187d3c3cacbac1be2f8f789f71b348c13309bc3cae5

Download Submit
/data/user/0/com.ketchapp.elevator.mg/app_analytics/analytics.apk

Filesize
754KB

MD5
45be0e37f579f0a81367279b974ef598

SHA1
ada6d4af54dab22b5ed915397f129d2cda3c4cb2

SHA256
359b79715a88dcc0ad31ab4f8c3a30c95bce3f9eb7377527c24f763619865c02

SHA512
4446825385c1da26b54de1638081b2d21a88fdc873c1a4dacfae23e380e48d1ecb2e9e2b5a8ae2d49beb331d7cbe3b762c80cfe42f08e2e2b3c1be45b312ea8d

Download Submit
/data/user/0/com.ketchapp.elevator.mg/app_mimo/mimo_asset.apk

Filesize
491KB

MD5
125960ff6760ac511b7b84b40d7cee77

SHA1
34406b1db2e0e14a147ebb2b57d888befa2a66be

SHA256
7033faf2e195a2b8200f570f54db3bc7b25f790cd422766d9b1f34117b140e75

SHA512
2a7912b90220c8d5eb65a1854ef38a2bbfb669b85093e70130506c4cbff3f1f63c47e0ff24a04dfbeed473928d3407fce11524a0e9086b61242914fbcbd985ca

Download Submit