Analysis
-
max time kernel
124s -
max time network
144s -
platform
android_x86 -
resource
android-x86-arm-20231215-en -
resource tags
-
submitted
15-02-2024 21:06
General
-
Target
d659be4ae2e65369ac6d5fc7e47d257f57f3057b6e335955593491aa1dcd6712.apk
-
Size
30.9MB
-
MD5
41a7c01981c361dd804160adedbb7117
-
SHA1
0ae7e43a5a2f9625bc556c164f8b84bfb888abcd
-
SHA256
d659be4ae2e65369ac6d5fc7e47d257f57f3057b6e335955593491aa1dcd6712
-
SHA512
e513af5f392fb25a59e0a84d075ee67005c9332034de3a099d4c29a9573e713af0d978b639e485dc6fd7ed570adcb946532731b1e450ea6033063275bfa7341e
-
SSDEEP
786432:X5IbkIIwjd1Zb+QZ92YEzfEZsWAvdhjucVQZR9kPpRCX+fi9gE:pIbgU9/aYEzT7vdhju3R9X+69l
Malware Config
Signatures
-
GravityRAT
GravityRAT family.
-
Reads the contacts stored on the device. 1 TTPs 1 IoCs
-
Reads the content of the call log. 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Reads information about phone network operator.
Processes
-
eu.siacs.conversations1⤵
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Acquires the wake lock
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/eu.siacs.conversations/databases/historyFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/eu.siacs.conversations/databases/history-journalFilesize
512B
MD5240ecdc8acdb92922df41133ca6b82ff
SHA1426605fd26e09b4047da7f9d6fb2b3d80abb1b56
SHA25628b032b1f59aa6e7c0ec553b62d04371c586065e938c30642748b059b9c0cb9d
SHA512bb46a7ec43041bf60ceb281dc95fd030d4683c28832ad8ce6ab5833d5e5cbb924dcd3335accd0a0c9019bd3e4e160f2aafad83ebd70d931b226059e81085e6de
-
/data/data/eu.siacs.conversations/databases/history-walFilesize
16KB
MD5dc0970199f6a67e420e80b4d26fa1a19
SHA122f9ff9c764d510f354dccfeb7763c83841e1875
SHA2564158262a270bff37e867e13294ae20dce56db237cd8f9b4bbf2b7ce8111e7ff0
SHA512148895a67b2c33db6e64464e16647bf0ea340ddd0844a9104aac744e4c4b2b69448d213e9b05a981a0b16cacad33314a4775f7b16f98c99d22ab04f429b6da9d
-
/storage/emulated/0/Android/rcl.txtFilesize
10B
MD57c2a3cab8ad4c31621fe279edb81eaf1
SHA14b1aa4e85a72cea923b03d416efbc2afcaff4a28
SHA256deb9808860ec49ecf1afa78131e0ae76633f7d08ac59b77390562ac0c4d543b7
SHA5129fa98e45164ce6b484ab034aa9fb10c0c944ada9c9484a5201b07e652e8529b33a9cff245f452e80b5dcdb0a0dfdf6e05a35276409d8b49bfaf80709f9c6786b
-
/storage/emulated/0/Android/rcn.txtFilesize
12B
MD534ee811ae758eea9793e72caa862b2e3
SHA1ff5cb7d26f3e97563724df377e72ac10c8f7977d
SHA2560df705f96b9378adea857c7a0e927671946a3d4b9b8a80336160fad5fd7a920d
SHA5123f51d3da2cdef45d3463d10a447c5a4331b8909cedb76ef70e8a42c32be143259ddb0185f9b1be79ac306522227f814aaba2408bb55eb3b109702bc317c349e4
-
/storage/emulated/0/Android/rsm.txtFilesize
9B
MD51e7de2d153566aadd8805ce45f4a7276
SHA111cf298bccbeddf4f28bdd1906b969af64f398c9
SHA256d05113facf29f65226276a41b33a4a11036b8951abff942d4105e034d1d3c62a
SHA51263fb2bd129045ae591747d5b9b67ac9a91b509efd30e6007c32a64da5e0a8655e6c871f149b0390cbd372219f42aa171cbedcf56194adbde793b1d0ab2da85b0
-
/storage/emulated/0/Android/scl.txtFilesize
108B
MD5dccdf597c047bafda843f99ee84ae5b1
SHA1abd5514bb9503bf2e0ef3c68ede01c763816b6a6
SHA256fb7c0f4875322b14566cf4c929062e977c8344c10d82b9ae9bf236886f92ff6d
SHA5124e6a3e2cf45dc938576a717458b9ed74accf8d19540bc6ced695b1346c9a7145baa9d4a4a3239b4e04779236d885945824632f25b90c6abd89eafb160c7d9ebd