Analysis Overview
SHA256
eede8113fbaae0baae24db465a8878da749a05e4a6c45c3acdc6924eb8e39a7a
Threat Level: Shows suspicious behavior
The file eede8113fbaae0baae24db465a8878da749a05e4a6c45c3acdc6924eb8e39a7a was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Acquires the wake lock
Reads information about phone network operator.
Requests dangerous framework permissions
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 12:37
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-23 12:37
Reported
2024-02-23 12:40
Platform
android-x64-20240221-en
Max time kernel
153s
Max time network
146s
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.46:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.102:80 | g1.topprocompany.com | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 172.217.169.66:443 | | tcp |
| GB | 172.217.169.14:443 | | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation4931196862924586321tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp
Analysis: behavioral3
Detonation Overview
Submitted
2024-02-23 12:37
Reported
2024-02-23 12:40
Platform
android-x64-arm64-20240221-en
Max time kernel
148s
Max time network
142s
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.46:443 | | tcp |
| GB | 142.250.200.46:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.179.234:443 | | udp |
| GB | 172.217.169.46:443 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| SE | 185.117.88.15:80 | g1.topprocompany.com | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 216.58.212.228:443 | | tcp |
Files
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation4856769271142654038tmp
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 12:37
Reported
2024-02-23 12:40
Platform
android-x86-arm-20240221-en
Max time kernel
147s
Max time network
137s
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.103:80 | g1.topprocompany.com | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/databases/com.google.android.datatransport.events-shm
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation4116522280617025629tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E