1fb3ea82f49e1dab1927ac39321b29d6c27c9686f4e540e9934a5100c779007d

Analysis

max time kernel
150s
max time network
156s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
27/02/2024, 21:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1fb3ea82f49e1dab1927ac39321b29d6c27c9686f4e540e9934a5100c779007d.apk
Size

1.7MB
MD5

f61d085f739bde32271fa076a2f1c974
SHA1

d42389ae3c8a9b68fe71d4ff687be8d36ec55870
SHA256

1fb3ea82f49e1dab1927ac39321b29d6c27c9686f4e540e9934a5100c779007d
SHA512

6cf79c667fadfd7179834ab8447012f6cd618f0860a57845c273e8b15bc6854970b1c0add97d893e5537cada8b8f313b76e78843055495f02ba2457d0c28b670
SSDEEP

24576:uE5LGAf1p4ta8LAO7p6jokTFFXW4q6v5l5oPPsnyhTbs16LqQc3H9QUDcEjd:uEEAu7ELfr6PPvTo16mv3eUgEjd

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex	5201	com.vsindiaapps.latestpunjabisongs.nearme.gamecenter

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.vsindiaapps.latestpunjabisongs.nearme.gamecenter

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.vsindiaapps.latestpunjabisongs.nearme.gamecenter
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:5201

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/E

Filesize
241B

MD5
5a59c72a862713398975e6a165ef5560

SHA1
a4248606579ae65789ec4f67d24fdbf6abf37cab

SHA256
3ea175ad7205f97633bf93205a81a64fe27515e507b8dd5f15fe783ee331ea0e

SHA512
7b67452731cf32ad1abfbfedd81207ec8052f731a632360be3a932248b3668387dbcf41c85f60ebd9b09899e6301ca4b65112be3cd876b8e7b2d5371e00cf226

Download Submit
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/KTp

Filesize
696B

MD5
c62d1d50f1b56d778516590b11f9e0c0

SHA1
ef7a67a63c8a6579a4e1acafbb26c0593031ed9f

SHA256
b290254018b2794802bdd97b440986913c1b86edcb2ababaa79dc4e6e169bcd1

SHA512
4e325c56f32f84c4953bf87f60f3becb44702f748ca62a2a2b062a65677cdc457793599f5ed8e54acedd6fa17aa2c347fb94b7b2b08541a650b94875f19d2036

Download Submit
/data/data/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/PersistedInstallation1703820810537181839tmp

Filesize
114B

MD5
98bbc47af966b28f798ebc5ba8a316e9

SHA1
714627842ad9da22a716c5784865b5778465004f

SHA256
d24528dac92c3e9a5872f2ac6cbf7232d42474bddd3b38d8b6fd9474f943cfc1

SHA512
673965ac475d4d6c9b9c6eb98c3081e1b092604233ac645afc609f2a0b7b88993560f215c015ca4e90e8fddd88a8f8875af37c606dbd53c9c5490fccb189615f

Download Submit
/data/user/0/com.vsindiaapps.latestpunjabisongs.nearme.gamecenter/files/f28b08db.dex

Filesize
2.7MB

MD5
4641466f6bb85afe4e66b18b3145eb4b

SHA1
1c53d1d38c296c0d4c647d26a1aa22086915b861

SHA256
1beb17b02d1639c2ae11f993259f2fd475eba848ad363317919fea9e9f91b8bf

SHA512
f4fd3484715193042535536f2d78e6d0c370a9cdbfd09f91cf6dcb1f3f8cfecaf582c1d43bec8bcd6007fb921cfaee9e07f44504acae69d3e098597cb16cd0c2

Download Submit