Analysis Overview
SHA256: 19b92b03ba1318d30c2888bf3b1677889bb5b6136928aad974927bc5e09e5bcf
Threat Level: Shows suspicious behavior
The file 19b92b03ba1318d30c2888bf3b1677889bb5b6136928aad974927bc5e09e5bcf was found to show suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Acquires the wake lock
Reads information about phone network operator.
Requests dangerous framework permissions
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-02-23 12:45
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
|---|---|---|---|
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to post notifications. | android.permission.POST_NOTIFICATIONS | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted: 2024-02-23 12:45
Reported: 2024-02-23 12:48
Platform: android-x64-20240221-en
Max time kernel: 152s
Max time network: 143s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.178.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.102:80 | g1.topprocompany.com | tcp |
| GB | 216.58.204.68:443 | | tcp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| GB | 142.250.187.238:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation538469467667007919tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/AOtHj
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ
Analysis: behavioral3
Detonation Overview
Submitted: 2024-02-23 12:45
Reported: 2024-02-23 12:48
Platform: android-x64-arm64-20240221-en
Max time kernel: 152s
Max time network: 146s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.178.14:443 | | udp |
| GB | 142.250.187.234:443 | | tcp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.102:80 | g1.topprocompany.com | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.200.36:443 | | tcp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| GB | 142.250.187.226:443 | | tcp |
Files
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation5359179909872516392tmp
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/AOtHj
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ
Analysis: behavioral1
Detonation Overview
Submitted: 2024-02-23 12:45
Reported: 2024-02-23 12:48
Platform: android-x86-arm-20240221-en
Max time kernel: 147s
Max time network: 130s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| GB | 142.250.179.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | g1.topprocompany.com | udp |
| PL | 51.75.61.102:80 | g1.topprocompany.com | tcp |
Files
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/bb50dea8.dex
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/databases/com.google.android.datatransport.events-shm
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation459150234611464109tmp
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/AOtHj
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/DMfQ