Analysis Overview
SHA256
89a3c9dd0303d75e0918f576afd3deb257cb23fe3f88373250f7f23689d92d87
Threat Level: Shows suspicious behavior
The file 89a3c9dd0303d75e0918f576afd3deb257cb23fe3f88373250f7f23689d92d87 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Requests dangerous framework permissions
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 12:42
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 12:42
Reported
2024-02-23 12:45
Platform
android-x86-arm-20240221-en
Max time kernel
50s
Max time network
136s
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.ext.jar | N/A | N/A |
| N/A | /data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.dat.jar | N/A | N/A |
| N/A | /data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.uni.jar | N/A | N/A |
| N/A | /data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.irs.jar | N/A | N/A |
| N/A | /data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/eJFtCuTpF.dex | N/A | N/A |
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.ext.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/x86/launcher.ext.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.dat.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/x86/launcher.dat.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.uni.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/x86/launcher.uni.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.irs.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/x86/launcher.irs.odex --compiler-filter=quicken --class-loader-context=&
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/eJFtCuTpF.dex --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/x86/eJFtCuTpF.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | freebay.in | udp |
| US | 104.21.69.154:80 | freebay.in | tcp |
| US | 104.21.69.154:443 | freebay.in | tcp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 104.16.56.101:443 | static.cloudflareinsights.com | tcp |
| US | 1.1.1.1:53 | vozito.net | udp |
| NL | 5.45.75.40:443 | vozito.net | tcp |
Files
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/databases/a-journal
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/databases/a
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/databases/a-wal
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/databases/launcher.db
/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.ext.jar
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.dat.jar
/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.dat.jar
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.uni.jar
/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.uni.jar
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.irs.jar
/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/launcher.irs.jar
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/eJFtCuTpF.dex
/data/user/0/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/eJFtCuTpF.dex
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/launcher.dat.jar.cur.prof
/data/data/com.apppills.huawei.honor.psmart.theme.latesttheme.android.launcher/app_ftlgfvlyxb767btn8kt9/oat/launcher.ext.jar.cur.prof