cada4fc7c97ff0f3da057e253393e36345480051efb6ec1c448415ff908e3c21

Analysis

max time kernel
3767923s
max time network
156s
platform
android_x64
resource
android-33-x64-arm64-20231215-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20231215-enlocale:en-usos:android-13-x64system
submitted
06/01/2024, 20:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

telegramCN2_8922.apk
Size

56.4MB
MD5

8d6506356b700395547344a16262f3e0
SHA1

2af2e7fc80de579ca81a0a52692134d8d8b15c6b
SHA256

cada4fc7c97ff0f3da057e253393e36345480051efb6ec1c448415ff908e3c21
SHA512

cf07e35a848d46607d56b58bd6197ac3af8dcbcb7b83a7e5274cb76d482ef3cc343468aaf4991d035ffbdebb23ea7eb5bfdc657277a77620215969029a57e8b8
SSDEEP

1572864:FX0/WA+5kaekggg29kxoMhCMqbImu7930CrQxrl7Gk:FAWmaek8296o7bIbJ3XWrJH

Score

6^/10

evasion

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.tgcn2.messenger

Checks the presence of a debugger
evasion

com.tgcn2.messenger
1⤵
- Acquires the wake lock
PID:4367

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tgcn2.messenger/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
4c642e34d51457b2e381a4f8a4cdbe62

SHA1
7f80faff3466844bb190f67b4eb75f54b9e87c9b

SHA256
a50f30742b0206a2da84a3c416c7cb01194080d2a9b4ded2360ed2ed5b1c0493

SHA512
500239d781a6fbcae1634fee4c7d1dd45778080e9b97692f69caa933a216bdd3a386d22b7a6cd1481f94656a7cb467f5598762015576a78d32c3b7bb534cd9a3

Download Submit
/data/data/com.tgcn2.messenger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
81fee51baeb1ce989e28fa3f325d3ac1

SHA1
1865d147f8a371e891dc85f9649af0a48b134101

SHA256
6e33494f96739cf6e92d6551c9b7d5397f73aa7c7c7578743d6dc6755a35838f

SHA512
5cb839ff7d15308479ceb67ba2b38d9ba112ab4deaea353e1c2eec5f1f926ebfd106d86f33bb30086123e4389fa2952614304ec051223b7c3939dff2419babbd

Download Submit
/data/data/com.tgcn2.messenger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
ee305d4ff43b0a385870a3dd16435c35

SHA1
d25ca2f0c87073a836eea5f564baf133a99a3c67

SHA256
3fab65b153e80d7ba4429009cf49eccabc8c6e4a0b444787336a3c879f61112a

SHA512
72ff7bfe50ce84e74c7942419f55cc95abe1d22ec76db79aef62587c9d10cac85e35a6f659d818172f71e04da3246e9f985489f40854f089f9c56e60f23b748e

Download Submit
/data/data/com.tgcn2.messenger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8b357f7a9d857778185aab9852a8f914

SHA1
a4d318ff04cae541e4d4f25762a69a70269c5c38

SHA256
a3a034ca1e1069f8df3eda6463941ff7573a70ea01b11798139eab72d7b17c1c

SHA512
6ca112ef911d10320f677489372abf9d3f775c230aa003760830cf810aea99c050bec7e4579c1325bf8f439d17121a5ad18968a31b808c4b8851e3f43c336f67

Download Submit
/data/data/com.tgcn2.messenger/files/.com.google.firebase.crashlytics/report-persistence/sessions/6599BFF8007D0001110F72F7970AF84C/event0000000000_

Filesize
19KB

MD5
fe13af50f2e3cfa344dd815a66b3202a

SHA1
bdad07eb346f64b42a0cf73d0cafec92af3c1e5c

SHA256
fcea540ecf497d1b5bad692386b33f5a9f8325f428b6442a7ac3bb60bcb40d74

SHA512
dd302181015b2cd47a348a92929a91b9ec94ca37d6cff5f0e834ea5193d173599159215589d599f131651f713157634a163cd9931a3ee43e4e9e70e10bffd4ce

Download Submit
/data/data/com.tgcn2.messenger/files/PersistedInstallation2342834876469656634tmp

Filesize
90B

MD5
4015d65effe7a3ca0c4e9c994f862ac9

SHA1
a6b3dc877db8f786aa275354e282ce4edbd1419f

SHA256
9ca6b73c1b16eadc7b97e9eab36518d5aa4add24344575259a208433fefa1630

SHA512
dd2a6b16fb56d33fb32dee372e79e88c2b93dd73d59ef7632be023f8f84df6a99d1635b416a439d6ade0401fce6a52425988553da436d962c2c64d260d9e6cc2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads