8a501a8c4e7a66fdea5d55973599df8f91944b292cb48b51c932bb4c13bf7a1a

Analysis

max time kernel
149s
max time network
139s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
02/02/2024, 19:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8a501a8c4e7a66fdea5d55973599df8f91944b292cb48b51c932bb4c13bf7a1a.apk
Size

11.4MB
MD5

6f06f35b4d268cab5d37556f5455fcc6
SHA1

3483b8e6c550aaccdee6aeee9188a80d11058ea7
SHA256

8a501a8c4e7a66fdea5d55973599df8f91944b292cb48b51c932bb4c13bf7a1a
SHA512

9274df15caf10a6563c7ded7a7bc022cb03e6aa14355b423282f9f0f2d9492f57a6d6a2ea5424cb97fedffedb7a0545bc9cded41a69af4c8ca0ade3f6a4925db
SSDEEP

196608:7ciklFNGz90BhyfItjZqY4/QdeCXtgd/pHG5GCy9eCl20cyPLS4qOFsFUT1Fi9Z4:oisCRmyEqrg9+d/pEu20ZL3FYUz22iq

Score

7^/10

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.arcai.netcut/cache/1582435991586.jar	4646	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.arcai.netcut/cache/1582435991586.jar --output-vdex-fd=120 --oat-fd=121 --oat-location=/data/user/0/com.arcai.netcut/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.arcai.netcut/cache/1582435991586.jar	4486	com.arcai.netcut

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.arcai.netcut

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.arcai.netcut

com.arcai.netcut
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4486
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.arcai.netcut/cache/1582435991586.jar --output-vdex-fd=120 --oat-fd=121 --oat-location=/data/user/0/com.arcai.netcut/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4646
- su
  2⤵
  PID:4791

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.arcai.netcut/cache/1582435991586.jar

Filesize
9KB

MD5
e8e0527a01aefdb89afd2c508f131da1

SHA1
f1103e6b260c657ceb3d95f1b023af3fda8b133a

SHA256
f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce

SHA512
fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34

Download Submit
/data/data/com.arcai.netcut/cache/oat/1582435991586.jar.cur.prof

Filesize
148B

MD5
a3b78d197d786c13687c3f0f89703bd8

SHA1
9967f0726b6b1ed3f198904547b81920f8329621

SHA256
c5e6754556dbe01b055066f23c28ddaaf5fe67cee4baed00d59dc993335b3d97

SHA512
9a47c9bb977edec9d29d22f280e0078ca931a722eaecc2b085c6b5aaf6246d17a6ad07c9faca45070bb5b89a3ee6cf896f5e2c7e73fb033e3ac57471df70a8b1

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ab3711650b8feb8631bd60893dcb0a86

SHA1
2112ee94990d7b933d48e6b60691b81c3d3c8e75

SHA256
71590c3039e7e8bc269c9cf434c84fd2158ff42b603906fd0e920d4ac12b941e

SHA512
2d0f0c1f119a401fa57f108548137ccfc3e42b96a5c565030675a843464c7e272b9ab4010f79d56080a104acd895e0ad77cc96667a5347906766e36facd35619

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67d104862499a0e3374db6d4dc6f015b

SHA1
d2954ce8bdc2b263b4ede3ab65dfc493fd450347

SHA256
893fd7550e737b8f65e3ca0da5b8e505279bea114d98825e22a7e9725a1d62e5

SHA512
787356b2906b956be6af8a94cd305965b9d54db66e0def4c8930775fee8a97ef304809b198f17624bc0620b96f856d01eaf3ab174049ad21afff7fa396b9672d

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
700030cbdbfd113eb0360e01d3155366

SHA1
03b0008a5342c67fd3e6145005833d7ac928b187

SHA256
be24c858eff296e7c397fd72c0b17bd998102cc557d159882ecc9fbf50bcadaf

SHA512
8b5d6f9181aeaa657d23479476dd22522109ebce9285fdf403ad83051078f672457155536e3f8cd253000117f0e013a5191d332b0b543f4734a6cbcb59eef768

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
99a694db57c6ecea04a00fb0dcdc0710

SHA1
eece6150352d06e812e7c8c90782615d3b835dad

SHA256
91f0007324765633ea9ecae1843879ab54479f71bc6a4216250b934d612f6c81

SHA512
8477e08a6c786d9a752c9a13b35897aff07fda8c0103a656cbe20afc7ca672f489aa9fa8f686dfcecd8c690f32e16bf5ce01add13244eb5599fc4e14be874be4

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
31245700f9a8ac0400d3c8c446d4f06d

SHA1
5e6dc1e1a5d33c492630916242a5d9fe4f83ec69

SHA256
c67668ddc9210736470945ddf712d0665d2078e4bb8eb100b6a85418048c620f

SHA512
6d92f24d199ecf98de29eaeb6cd23a59aec8bfbfe96048d5a9837d0f6ddde2228d987ec5c69d9cc49c17dc03268b972909dce0ff154f78431af1862b04f96f3f

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db

Filesize
16KB

MD5
af2d62e74610d3b526889a0f6d117905

SHA1
5af24eff1e7d3664f1a72e50ff6090d88fafaca4

SHA256
f89931f5bc0c9bbf60aedf021588e77419ae247d8113a54e44b12fed3992a62f

SHA512
2b9c2527682ab145c54bf26fa67938a5dd451f7eb98243522924a0cc9eaa377c262ac83bc8a3775e65fb7bebb55c142e0822fc2be34e9b128eac379339196491

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
7a112186570a1b553154cc200892f72d

SHA1
f7e16b2c2afc6b89b6ac989e6c42e724d6495333

SHA256
b4839278d224babad658bae4a00036bb08ff3276c1da26101438cca853f95c0f

SHA512
2afca9987b2ecf1983eeae0cebce52886adf7263478a1aac10af8cf26a3d0b9a9cfbc6a749cfc92f2ca53e978da09dcd8dba7e1aac94070c715c8345b37ada71

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
37a1cd9209b102dd39ed5adf7d4466e9

SHA1
ce5102ffd05b095a8f1216437060409d7ccc5165

SHA256
900d1b64caaac98a0eef1f35b889c55bf79c6228e5900f587129c48f527f8247

SHA512
3b62b282e97a51bdfef0c8dffcde0d5418b7da00f9648c954f63c7548e03b50551a52b6740692fc823b8845d59bdf787706b152ab30dc131b44838e6489450a8

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e06225ffabdac49b25e94f2602b2bc46

SHA1
2bbba9736cad4f66ed221d5781c57dde23c87a7e

SHA256
82e0d29b8b24329679eaa9100644d0614279b67628d89a04d1ae622725f23c49

SHA512
8c2da99261caddedcd20ce2643202b5e6fe44d212c5e8313ae09b9019840afc6c1dd2625aaf7e52e1ee2bdb43899acba6aabc4601f5e4941402e3cd85bea1a69

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ed2143dce1c2e6995499614721d6ffb1

SHA1
44656060bae73f9e95f56973262254b55a44fefc

SHA256
8514d621e838a5774e06fea2026080865b6455518f81fe3c1403fc39a5954902

SHA512
03ee34e9aa50ac510368a59ec4dc5e36a6db8adc391f5dd8843225ebfe6c1ae09f566b2f6c1f62617211ea07f7fe9bca79173c088cf60b3c3d3d38f9e010840b

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
877f36ce6634800e97de0bcd9736a041

SHA1
d8cc42fab306eb4530a528b6d8bc19580271c347

SHA256
23a310c1d1bb958174e966c0e827749731a0687781dae7ef645379becc42377a

SHA512
069fa8cb49c98c0908fc822717842390bbf19c81ff107c2559c72ab7948ef87a4c0bd03c770464a631e85bc8fe8ff42c4e966415960bf0d3038baf32c23626d4

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e8c233a39ffbdf9cbfd30334cb1b96a4

SHA1
3ea7b54619cb753819878d8763192bf229306de3

SHA256
ad64328df693f930ec28a30f9601ba0050466ca15195343529c203557528ebdc

SHA512
222d6c9c39218a994683ccbafd6a704c1bbd977598e9a7c22619efdf9a1dd482ee77a4adfdb2f021ea2bd37a3357c20a50c39164eb15a635c0c45d8e39f72e18

Download Submit
/data/data/com.arcai.netcut/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f621f385d552ba66bac38f58f6f2ed2e

SHA1
2b65c75258e429cdcfb76acc1ac5a3111a2590db

SHA256
cec9044ae9c40b6cd22242ba7dbe5324372279ec8ff79383c2968775f8202a56

SHA512
b29e2f03d70786d74537bd3b2ade88841d3db04f2d4503a2f31b27cc342d246289feee70f4d7923ac42aa15acc27b1fc2dde1f6b9277c0f08ac132cf21908052

Download Submit
/data/data/com.arcai.netcut/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
0c98b343bc0a60522483756890429dca

SHA1
237d13e6105a41884c813f763ecdaf96bb80e7da

SHA256
fb5340a9e997be929f5dd4904ab3280e734d5a8b1745b45c6e41a39f2a604cf4

SHA512
d4d9d0ac4224eeb1e2b1f12e1f3bdc190b8a6db7bb939d688c5fd1ce26bf9924595dbb2915a8235886cf8ba78d74223e30a52fa5de91123cdb9fe83d213a2652

Download Submit
/data/user/0/com.arcai.netcut/cache/1582435991586.jar

Filesize
20KB

MD5
2048eb6124a452540ee51dae4145aadf

SHA1
d05005b2cd7fe4cd652b0d7fd1bdac2c19d51451

SHA256
105c54b6fe3f25350e92187467761598e4c21d62b1091b77d091f65f3bd98864

SHA512
bb6cb3853dd2a5d0701e20607d4e153ae201268dd2e5e2d06cc2df208b3b4dc50132a4ab428251b1644d2399fcc717662438d082ff14203387bab8794109d44d

Download Submit
/data/user/0/com.arcai.netcut/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads