Analysis Overview
SHA256
63824e4ff79177079f0d7e0fa20afa6dfe7e95609b5b9e6313e86a8f00930744
Threat Level: Shows suspicious behavior
The file 63824e4ff79177079f0d7e0fa20afa6dfe7e95609b5b9e6313e86a8f00930744 was found to show suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Requests dangerous framework permissions
Acquires the wake lock
Reads information about phone network operator.
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 12:41
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
|---|---|---|---|
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 12:41
Reported
2024-02-23 12:44
Platform
android-x86-arm-20240221-en
Max time kernel
148s
Max time network
130s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.boomrocket.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 142.250.179.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | g1.crunchstation.com | udp |
| NL | 217.12.201.177:80 | g1.crunchstation.com | tcp |
Files
/data/data/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 471495ef091ab846c109cfd774fb8185 |
| SHA1 | 67c075d3a5c9181d8be975c4bb0f8fe0efe9f525 |
| SHA256 | e41b8ab44c3b73371ad0c0c4765c341191dbad01effffaa4076949df91409014 |
| SHA512 | f49c15e9931215e4fbbf148fd7afcd40d94f492154e606ae40b495954988cd92c07a3f08bd5324fd0d0256f56b290422360eceacfeeed85872909953fbc59947 |
/data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 474a809a7378ca10ca901339cd56e3d2 |
| SHA1 | 04d2109be3fe76cb6d00653b7c1d5ffed0718c64 |
| SHA256 | 37da0406f9545b91044b9822949b970372ec1cb27fd3764728daee3f9c318b36 |
| SHA512 | 9b8229df9fd1befd5f8f78c1d17899da9fb103152538168c57ef064db3f8ad5796c699c1bf01ff8631bf000a2708e3513cf74f93fbb2ab8765093f603887d9de |
/data/data/com.boomrocket.nearme.gamecenter/databases/com.google.android.datatransport.events-shm
| MD5 | cf845a781c107ec1346e849c9dd1b7e8 |
| SHA1 | b44ccc7f7d519352422e59ee8b0bdbac881768a7 |
| SHA256 | 18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7 |
| SHA512 | 4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612 |
/data/data/com.boomrocket.nearme.gamecenter/files/PersistedInstallation2400669876476970272tmp
| MD5 | 5a3bbcac50dcf9d532ad609483373a26 |
| SHA1 | 2a9201769a6edf13e06455e68ee2a160940cd614 |
| SHA256 | ef3ae24f899b5f88d5dbcbdee8d6b56d241b0e371c13d7c806a795e0c1245bc0 |
| SHA512 | bb4c3ebfca513a83506a318b29ebe05d92c2d39600ded7e329ae906ff3c20cadc6d0be4e789fd93cc983f6ce1edccb7881344fd95327fa1118bfefef1dacfbe9 |
/data/data/com.boomrocket.nearme.gamecenter/files/I
| MD5 | 46746e2f616de808cdc573b5ab3ec5e4 |
| SHA1 | 3eceed80acc46323dab6ad0df0ff68e04cac4c2f |
| SHA256 | 9b9a33c6cb07b45fafc0ff578db9ed9a1021ee77c62abb434fd37baee8bd49b4 |
| SHA512 | 24346124b7fd0a3f6fdbeb6de009b2ad061c1709c7fe978a683a3b636be5ccca80e0cca8a53c5d17c95651a19655993f54682113b6d9c9690482cbc1b531b006 |
/data/data/com.boomrocket.nearme.gamecenter/files/Hg
| MD5 | 28d5e02fa8cc8293a9418690b9899207 |
| SHA1 | e4e8e1dbbba0d2cc83c2d6314244ed0f6a5bd765 |
| SHA256 | 2197179d86a767debf90ff97e5b3e62775334bee7c08c12f5f90f38779936171 |
| SHA512 | 79f409ac2fcc3b691dca12c57c537268ad728f1dab4e363d1f200b59f2f8b4ac85f0eefc465ba7faadc21f8a9b3321f137df9fc9ea8a4783e9158f319af940fd |
/data/data/com.boomrocket.nearme.gamecenter/files/Hg
| MD5 | 70fc6293004f8bd82e2101ac3956c6ef |
| SHA1 | 71938164b3f7f956176ea178aa03b50a24a65306 |
| SHA256 | 1cfa2049974c73c39d8c6155006b02aaed365b4022ef1a047386c25f52c67ebd |
| SHA512 | 3222dd9bca64477846fc1d688cee05d6eb806cf2604f56558e10437118a554ca7d806e9638529b7c1583dc20fb1e85efefe6c24d14567c74cb119f5884759284 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-23 12:41
Reported
2024-02-23 12:44
Platform
android-x64-20240221-en
Max time kernel
154s
Max time network
141s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.boomrocket.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.178.8:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.180.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | g1.crunchstation.com | udp |
| PL | 51.75.61.102:80 | g1.crunchstation.com | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
| GB | 142.250.179.238:443 | | tcp |
Files
/data/data/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 6dd2f4e86176fc532da46fde140def29 |
| SHA1 | 67d20d1dcb6317a07d1aa5cd48348c6b04406ca8 |
| SHA256 | 2648d2c926ff66f96de2613c7eceb43ca6264c6de11a8c5920d5b43d0a081d67 |
| SHA512 | f183088b314d24ea976e44cd48cd105611961471aedd9ef96e8eca1e591322bb931bbae05bd4e4ecef419c522901465b2fd1d893cb19741b664fe63ea117a087 |
/data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 19261deba0661bec838eabba1ae48c25 |
| SHA1 | 855ddc33da1ad42f433d0103c6a4140e733709de |
| SHA256 | d9095066e5e005b43a03f71c55751523693c92f92b411de54931486722febc89 |
| SHA512 | 0ea4ac09de7184b679b6d6c6830dcbb6652fcc47b81a8882dae3c7ed4947571758867040130d2e6dc56a3c283b656994b039cf851dae69e1f38d476161c19716 |
/data/data/com.boomrocket.nearme.gamecenter/files/PersistedInstallation2850145513278516011tmp
| MD5 | b0de2c51776357a6167f13d08cbe271e |
| SHA1 | f4133ca3065543e0f52ade136c48b32fa20b8b19 |
| SHA256 | 3282acb5c7f168e0284d5860a52325a340c74cc6d560763326ca6f4d14d7d695 |
| SHA512 | 39d0f5020471c4603f12884b1a71ca7292b5b11b70b687f275fad8d56ab368610589092ec9318fdd6488dcd39050b396cccd651c210047097c6fac5190ba3465 |
/data/data/com.boomrocket.nearme.gamecenter/files/I
| MD5 | f7b9f9d0a194091cd976f9c939a4e708 |
| SHA1 | c022712366512e2e44e477463122cec9b1923165 |
| SHA256 | 6995975c6337c0f5f77b95bcaac787f177bb2cba8e989f123cbd0f87e38a27ed |
| SHA512 | 5aac7362d938697c00cd6414c6bbbced7e20a7b7b77a427db0fc7686d6873adaed75f6d93b39faa950954348e349b141cc335f36f58eec1cc8081357621a3d92 |
/data/data/com.boomrocket.nearme.gamecenter/files/Hg
| MD5 | 206d486e57eca539f29717ab2731a920 |
| SHA1 | cd81a5f97ba6959178bfa6e7d18cb40209ed3a2b |
| SHA256 | 128800eba805584f221778eb29f5cf03b5a9d33b67fd90d7b552cb412b4103fe |
| SHA512 | 12d14a1ce749e63e3beefb37d067f1fa44310fc85b90b437c2c59d9cd9f7d0afd6fa66ec5ce8d872d479e9e1c0d12025c7da6d94b9d1de61057e0ce418807718 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-02-23 12:41
Reported
2024-02-23 12:44
Platform
android-x64-arm64-20240221-en
Max time kernel
148s
Max time network
158s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex | N/A | N/A |
Reads information about phone network operator.
Processes
com.boomrocket.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.42:443 | | udp |
| GB | 142.250.178.14:443 | | udp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.crunchstation.com | udp |
| NL | 217.12.201.177:80 | g1.crunchstation.com | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| GB | 142.250.187.226:443 | | tcp |
Files
/data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 7769a0f1422b316ab71c4ca85c2de18c |
| SHA1 | 3c6e9f225068f5a69fb0f3fcc65a2c133a4798c9 |
| SHA256 | a4df234e149ae8f065af855c25fe752114318aeaf0ce2827f13072b0a5c36a16 |
| SHA512 | be7ca5c77b29adfebd16bf22b92f7c08a36b92f3b1b56d55591a84d167c3680afb656623254c00e41844f19f4aa0d0766ce58b7a173323b2ffc5f6c2778ced76 |
/data/user/0/com.boomrocket.nearme.gamecenter/files/d47e8544.dex
| MD5 | 2b4d123971940af087bc4934bf8fa06c |
| SHA1 | bfb296289862368cd8c60379bab8237de5970f07 |
| SHA256 | 56b6fd70d638ac119c49d8566cc5f13dfee3000ed64fff7fbecbd1aadc5e1de7 |
| SHA512 | b17722de805803fc6f513838a24922c8800c68474f235aedc3c9a5a67c37842c24dce139b6c3b4aa59aa4dd5deee29fd5e86995c6312204a8712df9444cc65d0 |
/data/user/0/com.boomrocket.nearme.gamecenter/files/Hg
| MD5 | 1578dd774edbf6ec15db966d8361b96f |
| SHA1 | 7802a1f7df7b313837cbcec26b2bd38bed3edd34 |
| SHA256 | 85b2fc8fdfb4ff59c3de2726b936c197300420fb7f909763d2f67cf2130ddd99 |
| SHA512 | 4743b4759393b6c3b6510f48a413d03e9621ca868d6d09da904d618b1b04cb121b24c9cc7cc3afef820d3eb994706421fbe7bdecc621c69bcc6be09279fa04dc |
/data/user/0/com.boomrocket.nearme.gamecenter/files/I
| MD5 | f1d1777c58e5346e118e5b0e37aafd76 |
| SHA1 | 06497d4f74b22bdca44d8d8562cc14d5a3780c24 |
| SHA256 | 18ae1c4d3b358c28cd68312364d24f1b39ce3aee9e4b2e74bf1ecdcea076ce7c |
| SHA512 | e208015e2b6019f3f4b1e9dc395ae3320922d4b738d0f3a16de2205559f841720c5ade49858d0c5df66bc219d523e1342012553c733073db753c2e22f7ea9c14 |
/data/user/0/com.boomrocket.nearme.gamecenter/files/Hg
| MD5 | 14205bb6c7095a6193382f9674b1623c |
| SHA1 | a7b565fc99d67b7c7734a68212ba7f19b52a5894 |
| SHA256 | bf84c23ac46f29e605697d0c33f1727f3ffd5e0b8256997f787ddd4e4e5134b6 |
| SHA512 | 51619e616c2f4858ffc3cdf3e197bcedee949635c317d0bd98c0edd18163f9eb2be668512cf4654d0275d95a3d4c96496c7468dd97a8ded648d94c3a9266e082 |