Analysis Overview
SHA256
7aaa13161b53b60759c7237bcf7a8ec010d46254d4e4e21df9ad5ffffba43430
Threat Level: Shows suspicious behavior
The file 7aaa13161b53b60759c7237bcf7a8ec010d46254d4e4e21df9ad5ffffba43430 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Reads information about phone network operator.
Requests dangerous framework permissions
Acquires the wake lock
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 12:56
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
Analysis: behavioral3
Detonation Overview
Submitted
2024-02-23 12:56
Reported
2024-02-23 12:59
Platform
android-x64-arm64-20240221-en
Max time kernel
149s
Max time network
145s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.14:443 | | tcp |
| GB | 142.250.200.14:443 | | tcp |
| GB | 142.250.200.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.180.10:443 | | udp |
| GB | 216.58.213.14:443 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.40:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| SE | 185.117.88.15:80 | g1.topprocompany.com | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 172.217.16.226:443 | | tcp |
Files
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 12:56
Reported
2024-02-23 12:59
Platform
android-x86-arm-20240221-en
Max time kernel
149s
Max time network
82s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.179.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.103:80 | g1.topprocompany.com | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/databases/com.google.android.datatransport.events-shm
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation5520472231810515644tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-23 12:56
Reported
2024-02-23 12:59
Platform
android-x64-20240221-en
Max time kernel
149s
Max time network
165s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.178.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.169.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.102:80 | g1.topprocompany.com | tcp |
| GB | 216.58.204.68:443 | | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| GB | 142.250.187.238:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation680346759838925797tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E