3598d53e4b8596f4d6c99ece2e10fa506ae32268063590e0962208076a1004d2

Analysis

max time kernel
147s
max time network
148s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
24/02/2024, 10:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3598d53e4b8596f4d6c99ece2e10fa506ae32268063590e0962208076a1004d2.apk
Size

1.7MB
MD5

0697147de4e0981b4088e43e85f92892
SHA1

e7cd69986fc41a1be5fcd899d541e54ee25104cb
SHA256

3598d53e4b8596f4d6c99ece2e10fa506ae32268063590e0962208076a1004d2
SHA512

0471243f806ebfb8759779b91e2ce2c65ad76a8e7d67c3b93be1f70cf7a004c912818d06265ea10e2565261da1c491ad68f529d422bf2cf233cf0222bc8522a1
SSDEEP

24576:jdMYVRcsDRsFtWq2x4uNCn49Z9T9eXLO5zT+5u1dBcs4cXMgDx/GQc3Hecmu4Ejc:jd/RYFtkk49Z9TEOnzBc0Dxev3dmnEjc

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.ballhop.nearme.gamecenter/files/5e3152b0.dex	4302	com.ballhop.nearme.gamecenter

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.ballhop.nearme.gamecenter

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.ballhop.nearme.gamecenter
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:4302

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ballhop.nearme.gamecenter/databases/com.google.android.datatransport.events-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.ballhop.nearme.gamecenter/files/5e3152b0.dex

Filesize
1.1MB

MD5
17cae2f821fb945efe23385548ca568e

SHA1
466038ff2e5f8420709941c7d031d0af77661881

SHA256
dd46fdcbaf588efcd380e6e317b0bca3b85b2893d130e0ff58ec5fb5f46672c9

SHA512
997fa3f1c3ffc6ba93f4c5da825da447d30c9d994f477c3d91409d83f183c34385d1c5ea3d5b90225ab9d817b0f13186b14577d7832106f0dc5086847fbef43c

Download Submit
/data/data/com.ballhop.nearme.gamecenter/files/tBLH

Filesize
251B

MD5
9eee694912ab4bb50e9c8496e835764d

SHA1
c93b6dfdd3b739fad931f324544c5c1f008c8471

SHA256
9c9642861d931d8993c015055538e094aad2dab4399f2e9929636ce034c22063

SHA512
2be9237b01a684ab0df8f4aa1d32389122b0422e6bb4bd10309b9705defff4dc66008ad28ed653674a7c7113003f5de698119d030534b0ba92b92689c04eff72

Download Submit
/data/user/0/com.ballhop.nearme.gamecenter/files/5e3152b0.dex

Filesize
2.7MB

MD5
f33396c4568c86eb4899349f91183012

SHA1
63a6b820483c1bbf8ef8b4eb2ba56745f3e8cca7

SHA256
2555b8c8821ddf763a05387a6053810cb6d0fbd5da65bdefcab8e34e2420a01d

SHA512
46014a9a8c3ae0bb2c13ade7e699b9ee44cd271323a3259ea920ca8852ff2769bd2f231e5e3658d6b2eb0124dbfb04e9d0ea9bc60fa99fb24618156e758df388

Download Submit