9b3b1475eb3bc302acb3946c047707bf561d8b75b27cb12bf76c499f09ea58da

Analysis

max time kernel
24s
max time network
35s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
23/02/2024, 16:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42bd23110fbfde71be924a9bdb5a8381.apk
Size

10.0MB
MD5

42bd23110fbfde71be924a9bdb5a8381
SHA1

4698b3aabae28ab66c8469853b4e2bbb28b52a8c
SHA256

345ec584960f85f0411b6756cca79607d1e90d77aa87819f2a95e61ad7043731
SHA512

612fddf62928d8cda96e05d8990f0c87cc1e809bc53298ea5361a63073ba4f74be30b37450e6c40fca5b9a5c55482ac98bf7db5330b6580cb16ee0453037f1de
SSDEEP

196608:uH8ej9ekpj0G54btQhB8ptxcF7BUxJHfcsJCqwD0/JMX9urOw:uH7jEPGWRKBUxBptwZX9u7

Score

7^/10

collection discovery

Malware Config

Signatures

Loads dropped Dex/Jar 4 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.sstars.walls/app_YGVL/dySCI.jar	5114	com.sstars.walls
/data/user/0/com.sstars.walls/app_YGVL/dySCI.jar	5114	com.sstars.walls
/data/user/0/com.sstars.walls/app_YGVL/dySCI.jar	5241	com.sstars.walls:sstk
/data/user/0/com.sstars.walls/app_YGVL/dySCI.jar	5241	com.sstars.walls:sstk

Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://media/external/images/media	com.sstars.walls

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.sstars.walls
1⤵
- Loads dropped Dex/Jar
- Reads the content of photos stored on the user's device.
PID:5114

com.sstars.walls:sstk
1⤵
- Loads dropped Dex/Jar
PID:5241

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Data from Local System

T1533

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sstars.walls/app_YGVL/dySCI.jar

Filesize
10KB

MD5
00888f0016804b039e2f45948a1639ff

SHA1
f19441e4bf0370612a7af5930bd55fb50a7f8034

SHA256
2c4a984298cc27e3eedc2ef223ea69348d913bc0985126093a171363c99a614b

SHA512
9314dfd6a6cefe6b5111135158ae5fefe637288918a0f1087ff3dfe2d38a8e4a03ce7a10f7e59a0d51824ecaf1cf3b4b509a5b7aab81d7aa7defcd579e5aead9

Download Submit
/data/data/com.sstars.walls/files/AppEventsLogger.persistedevents

Filesize
402B

MD5
39b62e8cc5df9105eefd596d2a09080a

SHA1
5271b41de18b429d34b3195ea5217e855bc6625a

SHA256
79ae2800cd41ed8711af4d62f037d8fc8fb81dcfdfd41281792acce093c414d6

SHA512
b0e4efcb426f4936acdf46bd2ed2c8d945887340dddf643beb37815653c40ab29676065c16b310550d8ba12f57057bae9305a43e1120cf3807b9f932c8924da9

Download Submit
/data/user/0/com.sstars.walls/app_YGVL/dySCI.jar

Filesize
20KB

MD5
8b303559ba899bf6d7ddd58cadedd903

SHA1
272c098c39d6114c635a63c042ebf6ad36df73e0

SHA256
fb3096b8899e96d286ce87086618e86709f83cdd2f1b6ffbe4e01f81791312f1

SHA512
e16d1e8d9e8cf44db53e6648b19a11b82afc8e575645ba9ce0c6f3d86cc941a1cbb7cbb4839c907addc25129f50f41b46252542f4888809296e7cb03aa3eecb6

Download Submit