Overview

overview

10

Static

static

6

d659be4ae2...12.apk

android-9-x86

10

d659be4ae2...12.apk

android-11-x64

10

Analysis

  • max time kernel
    124s
  • max time network
    144s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    15-02-2024 21:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d659be4ae2e65369ac6d5fc7e47d257f57f3057b6e335955593491aa1dcd6712.apk

  • Size

    30.9MB

  • MD5

    41a7c01981c361dd804160adedbb7117

  • SHA1

    0ae7e43a5a2f9625bc556c164f8b84bfb888abcd

  • SHA256

    d659be4ae2e65369ac6d5fc7e47d257f57f3057b6e335955593491aa1dcd6712

  • SHA512

    e513af5f392fb25a59e0a84d075ee67005c9332034de3a099d4c29a9573e713af0d978b639e485dc6fd7ed570adcb946532731b1e450ea6033063275bfa7341e

  • SSDEEP

    786432:X5IbkIIwjd1Zb+QZ92YEzfEZsWAvdhjucVQZR9kPpRCX+fi9gE:pIbgU9/aYEzT7vdhju3R9X+69l

Score
10/10
gravityratbackdoorcollection

Malware Config

Signatures

  • GravityRAT

    GravityRAT family.

    backdoorgravityrat
  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
    collection
  • Reads the content of the call log. 1 TTPs 1 IoCs
    collection
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.

Processes

  • eu.siacs.conversations
    1⤵
    • Reads the contacts stored on the device.
    • Reads the content of the call log.
    • Acquires the wake lock
    PID:4480

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/eu.siacs.conversations/databases/history
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/eu.siacs.conversations/databases/history-journal
    Filesize

    512B

    MD5

    240ecdc8acdb92922df41133ca6b82ff

    SHA1

    426605fd26e09b4047da7f9d6fb2b3d80abb1b56

    SHA256

    28b032b1f59aa6e7c0ec553b62d04371c586065e938c30642748b059b9c0cb9d

    SHA512

    bb46a7ec43041bf60ceb281dc95fd030d4683c28832ad8ce6ab5833d5e5cbb924dcd3335accd0a0c9019bd3e4e160f2aafad83ebd70d931b226059e81085e6de

    Download Submit

  • /data/data/eu.siacs.conversations/databases/history-wal
    Filesize

    16KB

    MD5

    dc0970199f6a67e420e80b4d26fa1a19

    SHA1

    22f9ff9c764d510f354dccfeb7763c83841e1875

    SHA256

    4158262a270bff37e867e13294ae20dce56db237cd8f9b4bbf2b7ce8111e7ff0

    SHA512

    148895a67b2c33db6e64464e16647bf0ea340ddd0844a9104aac744e4c4b2b69448d213e9b05a981a0b16cacad33314a4775f7b16f98c99d22ab04f429b6da9d

    Download Submit

  • /storage/emulated/0/Android/rcl.txt
    Filesize

    10B

    MD5

    7c2a3cab8ad4c31621fe279edb81eaf1

    SHA1

    4b1aa4e85a72cea923b03d416efbc2afcaff4a28

    SHA256

    deb9808860ec49ecf1afa78131e0ae76633f7d08ac59b77390562ac0c4d543b7

    SHA512

    9fa98e45164ce6b484ab034aa9fb10c0c944ada9c9484a5201b07e652e8529b33a9cff245f452e80b5dcdb0a0dfdf6e05a35276409d8b49bfaf80709f9c6786b

    Download Submit

  • /storage/emulated/0/Android/rcn.txt
    Filesize

    12B

    MD5

    34ee811ae758eea9793e72caa862b2e3

    SHA1

    ff5cb7d26f3e97563724df377e72ac10c8f7977d

    SHA256

    0df705f96b9378adea857c7a0e927671946a3d4b9b8a80336160fad5fd7a920d

    SHA512

    3f51d3da2cdef45d3463d10a447c5a4331b8909cedb76ef70e8a42c32be143259ddb0185f9b1be79ac306522227f814aaba2408bb55eb3b109702bc317c349e4

    Download Submit

  • /storage/emulated/0/Android/rsm.txt
    Filesize

    9B

    MD5

    1e7de2d153566aadd8805ce45f4a7276

    SHA1

    11cf298bccbeddf4f28bdd1906b969af64f398c9

    SHA256

    d05113facf29f65226276a41b33a4a11036b8951abff942d4105e034d1d3c62a

    SHA512

    63fb2bd129045ae591747d5b9b67ac9a91b509efd30e6007c32a64da5e0a8655e6c871f149b0390cbd372219f42aa171cbedcf56194adbde793b1d0ab2da85b0

    Download Submit

  • /storage/emulated/0/Android/scl.txt
    Filesize

    108B

    MD5

    dccdf597c047bafda843f99ee84ae5b1

    SHA1

    abd5514bb9503bf2e0ef3c68ede01c763816b6a6

    SHA256

    fb7c0f4875322b14566cf4c929062e977c8344c10d82b9ae9bf236886f92ff6d

    SHA512

    4e6a3e2cf45dc938576a717458b9ed74accf8d19540bc6ced695b1346c9a7145baa9d4a4a3239b4e04779236d885945824632f25b90c6abd89eafb160c7d9ebd

    Download Submit