478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6

Analysis

max time kernel
149s
max time network
160s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
09-02-2024 09:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6.apk
Size

10.7MB
MD5

33f6f371f32b69b59cb949e0077511ed
SHA1

0c72cb9102071a9de16ede7701e567f8c64d7c2b
SHA256

478b44e3615102769dbf4bbe727003be3113139b1554d3c9bd46d9ef60323eb6
SHA512

a92bfd80f1a4256ea2334a91e3fe35680dc83304a867c7319b963059ed6d525754cdbea8a73bb6a22df9cfcfaf47110c42959b77343742819a3daf0faae25880
SSDEEP

196608:zh+5cu64PQvuEa1VGq6kvBNsOf3wR8RlO+7gfZ+lBjBGYXUxhnOpfFDHOM:zCL7oxhqlwo3wMlOSW+lhkpheFDt

Score

8^/10

evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service 2 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Processes:

com.e_mining.cloud_miner.e_miner

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.e_mining.cloud_miner.e_miner
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	com.e_mining.cloud_miner.e_miner

Acquires the wake lock 1 IoCs

Processes:

com.e_mining.cloud_miner.e_miner

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.e_mining.cloud_miner.e_miner
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
evasion

Processes:

com.e_mining.cloud_miner.e_miner

description ioc process

Intent action android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS com.e_mining.cloud_miner.e_miner

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.e_mining.cloud_miner.e_miner

description	ioc	process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.e_mining.cloud_miner.e_miner

com.e_mining.cloud_miner.e_miner
1⤵
- Makes use of the framework's Accessibility service
- Acquires the wake lock
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4263

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db-journal
Filesize
512B

MD5
9e085f423b02ac6a04aff9e78b0baf1e

SHA1
31cc4794b083969751a89c00c368be4b07357583

SHA256
3e973ea950f1d383100763dfe6c1a389a68070d3582b1d9c0c1f8b09643cc2d6

SHA512
a371035b63bf332549e6175f6554833fd70b56eade927f5096778782e34b0e90aa8acc0033cdad2416473cc62f13c9b3c77f4ba8b4f58cac2f3e0fbc42257f26

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/OneSignal.db-wal
Filesize
16KB

MD5
d9065b2a13a4f8e5aea6aa23c6f40af0

SHA1
624a29a14a20e0529934aa872df13d6f225fbc29

SHA256
5de7a23098d82941a0a113c17c3b3a95a368c8ec4e0d60bfebcda32088ef63b3

SHA512
daf46bac21528a5e19a294bd653fd744022cfb53988e684f39faf8e52a5a861f062e3b7185c4974b3abad02887458bafb21e29c173813fd3f3bca25fec91842d

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
303d256f9ecdd7c7835a7c1b5e73c756

SHA1
7422fe911d81230ce0c27448c7900b085a5c33b1

SHA256
347c41b6b7aac9b50ec1e99d2af22ec8e6b0b92c1ec1add0d9cbe8908cd623e9

SHA512
3bb06f5b5c8aee8b3de44ae40b2546d911463e146d9aaa5113bf569512fe90db20a9f4f1a119866e9a0de7d635eafc119af33b7720b945a8031f8609a35f128b

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/com.google.android.datatransport.events-wal
Filesize
16KB

MD5
5a0fbaa37fd0ab37e53cb903f2d20409

SHA1
b622e638d22d7f010c2f5fc2fa597db7540ff312

SHA256
89e9c2c9baed045ea52ebc41be6908b8db7fd3994b1882d5db71d4ab3e6ccbb7

SHA512
5e4265e57d56ac0546ffbdc6eaaeb74513c0d15e40b18d5f7ebac662e6540fb91b5ec0127f19f7d26fc636e251bb0239a0911e9b7e774784bf5cd9cb97de9791

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1a424039222feb36eed070550aa4ebfe

SHA1
017fe742c72660ce70dc6737b8f9b92a6bdb6bf3

SHA256
1e2e57aec46e3f6eb34e3a5967de0acff6e47cee94ce3e8628bbb64c5906e5fc

SHA512
90d6383a0d8f7729fe5f01e7d5418c3b9c6cbc9c7e506ca20ad5448ecbffc360473b0838ce821bce33bdbeafe66dedcb576e6ea69966c303fff79365fb0cdc99

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
a4c1475004c33099bfd8e3852fc20933

SHA1
3088cea16812a036335a5d0f529cf0a47f5a65a6

SHA256
b12d0c7df9b6dfe6e94ff01dcf041a9357f9026c42718500ca76f27375ef4d44

SHA512
302b15475207b921d4301ff54b2e0217a01b08b0943358b6258ef5aeb44fc7cd9fdc9a11174b382b2a0b1ce1a251ad95f1d58207517d2444f51ab45388c1c772

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7b78fccccecca07afa5801ba42bcebdd

SHA1
a24281be1d3381cae0aeb1b24bcf31966964e1f3

SHA256
6a8dee5c38332ce0cfeeaadfd619b5b66f477de7eba5958172b6f4e65a7b35d5

SHA512
641dc5b5d90c2465d2543794ad34f9a4e3590f7dba912de0664265282d4162c69e2f8af78f6c0e371109e0ae335bc9c1afa920d7d63b0d81913b290b9c3e0523

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d03671b348699a65d19fe78c718a4fcd

SHA1
02a8f9ee1db5ed82c25c02da150deea34c9c874d

SHA256
70b86502d716afcb649828502c47501e85cc105a9594a0b0a774ea736c50c47a

SHA512
68d72bf64802c445e0344d38e443604a2a9f70cc92d69f09cfe86e665e2b82cda2a1dbece33b1a0aa30787e073a5c6b51f7e27c0ade0ced0af0c1c5bf8209369

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db
Filesize
16KB

MD5
db12cb629a77ba7ec95c65b80e5c2158

SHA1
32f45dd026431cae9dbd85d7c6d529ee4887c0c7

SHA256
eb3495c5654d5f0bfface49afffdff7ce569b424458a5b74d551b7abb8e6064f

SHA512
ef90a8965d84d4514f01058361e60064f9927e41e47138ddb4b2ec5bdfe47494c13feac1931d4f6a32cf0f42e0620e9c2c7114f58ccff1c9f9df4305d4e9e9b9

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
9ff8c23cf97afae2e84854af4cc1ea2a

SHA1
4e6476c3ef47a197ea917a45f68c3776b1366342

SHA256
f41df0adfc3bea5a985159a05e9ddcb6b2da70cdf3e241ec53adca17ef962e33

SHA512
3d7e839bc7b558dd36c6dba2305277ed98367c20305d72befbf389a4f084b8a98167a2184289fd6ac4416b204e1cd1587470a430b6838352d5a22e7a7360dbe1

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
8ee1512bb78fcc45a36286f567862c36

SHA1
8b6a099e99b52119dd453a7457764aabdd5d2bea

SHA256
1c64b9e21e369188a589a6c8de3efe439983db1f1a509e63ac610353fdf1c853

SHA512
f8392fa4ccc050baee34051fe123a9e02f912ef4d9b3b13ff46cdd8a9b766a9123f6a34341507c439aeda4a8f08cd7588aeff7b2ccc2f9494a06442ab9d3c348

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
9141c22867c12bd6eae5202a6027b32f

SHA1
594a005b736c4ff3d9c207b73a99c521107cc57c

SHA256
687502d05547e6689cad5ee9850779c7d0d81ebccad1fcdccef8f4d89273c104

SHA512
3176021a09dd3e108a14005668436fba288ff795882a50c664babaa0b875e1d03581311bea567347fcd3b515bb436a94ecd61e6a34c68d2740c2855a4d58777d

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
f5ba6ae66d61ce6a6e60631ca68f82c6

SHA1
80df1762f532ba8206d584ebb4f9f190beb17fe8

SHA256
844865cd6773d16958ea543459df5eb3b41004b36eea8b53ceffd0537903e58e

SHA512
eb8beea18cc930db7f822051ac36a1ff4be550ebf024ce726d2e0741810177ffffcc106caa35ff9d05c23498202553ec611229be46cbcb0f969557b9c87ef378

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
4e707f2a55e4c6a1f5192698deaab4d6

SHA1
3c7d4525f20aeaa3767b57e27f5dc9da46640d20

SHA256
d852cfe03be0ea030db28661e2b308c1f5694e201470f462598c3a21e9487531

SHA512
62908d7fb783689ccecdb557b08cead91bcf041febf669f29a796dbc7753fa16dfff009749b081063563b3eab1a17d9d0b314cd2d1606c647348db864394448d

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
639550aa155f822eb45f81ba11b72123

SHA1
6985eef3c84de5f4bcc1df5ab17dac0cb62d7c07

SHA256
fb3e5d3cb93c1091fa063776c6c2d4d23cfe48b7c84fa99079dcd7f5841a1c82

SHA512
5db480ef0a1a63be5bb5863c7fd2f3f33805714333382b6def4bcb3e8ff1573e374228544048861825dc9191cf09af7f4da93716eb1c528f875d7117991c901b

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/files/PersistedInstallation5301590073418954792tmp
Filesize
90B

MD5
f6b6a8d704b1b62045de9bd9717d6638

SHA1
0e9062972560988bfb42df81c2c6ee9a6e9f925d

SHA256
135c0d800d1d61cd49704858baca1ac9f482c0ca9e085f95bbf4b093566220e4

SHA512
fb5efcd1d8800d9af2bef6a75a9b347c12c41821f8c482a8fc9e1d4ff0697b7296da683c626654bdbb081eda7e9a5457b355674e2229cc731df2d97f56cccb33

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
f2e2ce52207d27c6eac1af9c4cee029d

SHA1
7d99f83d06b6c81cf7d2474bbf7cfd30635673b3

SHA256
e804e36c29ca530a237af772525e678dd6ea08ac2822dba7f8c57a99f60af1be

SHA512
4e4bcf61aed300dcea546ec8cb7d09918fd5a3725d678a3f597de67d8a656d25c79a8011358170006516f845e4b657fee32fcb84bf74ff9ac6d65c708a57d90e

Download Submit
/data/data/com.e_mining.cloud_miner.e_miner/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
fb1273229406893134d6a5e1b9877df5

SHA1
5defbdb43086d88baeb35854640b41b8d4c5cfa5

SHA256
725b149a16a8d0f997467c538ef743813da445b9c2a576221f7cd282422270e2

SHA512
af141c586854542902cb6f23e984c4800e632ecc8c1c615af17d412e1dbab9b29df8aa1cad252240100b799bf81c0f7038c0e32d60c6040447db58a0f13ba607

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2024-02-09.txt
Filesize
24B

MD5
08b32050b05f06ac2733d8f1ff322ef3

SHA1
e0341f07be5b3d7c7fc80c749f7a23ff0d6a5a57

SHA256
55f4a7871adc87d9c8861f2e111c9c77231f48323bb231e1967644881e3f152b

SHA512
f697fd94a260f8e223f70d902e3812f1046129ed6a79b011cb4fb1caa75a8743802cb92f911a2c706bdd4d56969141e9ca6235a6ac8e22768152004d6915db80

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2024-02-09.txt
Filesize
24B

MD5
72608da9108faa8ac08989db671b3e46

SHA1
2120c7bb162c7c235a3d8eadc4f69af991ab5676

SHA256
c8334ed3175ca316ac9e076884f9581ba91b0fb4e3b508d1cf8b45caaf7ae70d

SHA512
72cacef6c650c39d4f5b3b753969a760f84db1fac953ae739ca6d778abc32b8041bd16d38e8b45840ca84282a103b88e3fa4d2e122f1603878af4f1aac9adb12

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2024-02-09.txt
Filesize
275B

MD5
e32c0e3f2a9254cad177d14aae9b8cfc

SHA1
5833fcae0d7dc0f175674fa051a38c77e6e2ddea

SHA256
835f40c6526ca4efa639b6f0441b7821fcb6e37de50683079dbf9c052f09b114

SHA512
953f265a1ea5f4b0c53bb48af684bf8f01dc849d117a66ba6e6f4eb95a8eed7a3eff52287cdcd9c7ad8de046b190e90995f356114fc074f58db6c376fc0d38cd

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2024-02-09.txt
Filesize
32B

MD5
3b7dc0da9197f4cf13a23e5430e3f6d6

SHA1
d5b4659ae5f44ede058ad3e5ff3c390fd9a5440a

SHA256
30d633a5ab44ee938247bd5f9f10c6718b9fcf76606fc2f5e07dc0a5db9a0506

SHA512
670728f2e1b5be1cfbfe81fac682dcf45227c3e8984af4a18b93b2835e38498424338550d336a52642a9c910e61df98316921780e5d493b105e1310d8b3857a0

Download Submit