5c59b04b671f76222ae1c299bb21182463d9421d2c6671cbae119c6fcfbb3a5e

Analysis

max time kernel
7s
max time network
141s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
06-03-2024 00:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b608c9f7e32a34b76031a60fc0c6e703.apk
Size

16.0MB
MD5

b608c9f7e32a34b76031a60fc0c6e703
SHA1

1c70c9d65e02586d88045e89023f683e3310ea2a
SHA256

5c59b04b671f76222ae1c299bb21182463d9421d2c6671cbae119c6fcfbb3a5e
SHA512

24428e829f0196da63db18071fbd20903cbf3c68cc5ce1cf47902d6b0e350790135d419636acd712620143c2e4be4e383768a9e6326771930ed05765b41d08b5
SSDEEP

393216:R7k0+Om9f1jYdTG8s4Ng53pTNg5oW4k4+8roggx:Roh9j8LG5ZG5oW4k4+8Udx

Score

8^/10

collection discovery

Malware Config

Signatures

Requests cell location 1 TTPs 1 IoCs

Uses Android APIs to to get current cell location.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.gomejr.myfangagent

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.gomejr.myfangagent

com.gomejr.myfangagent
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data)
PID:4462

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Location Tracking

T1430

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.gomejr.myfangagent/databases/bugly_db_

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/user/0/com.gomejr.myfangagent/databases/bugly_db_-journal

Filesize
512B

MD5
d892b6f1c3f4794e6c7ab43d0372cd56

SHA1
a67dfb9419394acfbb8aa342e6494755f70ae70f

SHA256
0869aaee30aee727888b90343405ecdd593f3269a95d5b5af84beb093a3a7f7a

SHA512
3888d98ede8f2de198dc696830af7bbdc70b360ac8848d64088ec8c48e0d96f065a29d5aef463d4a21c69ec3c4ae5ba937f1ad6f622694d7c01b221c02d28fc3

Download Submit
/data/user/0/com.gomejr.myfangagent/databases/bugly_db_-journal

Filesize
8KB

MD5
8e12cd8c97194e51af8e07c3e48642d3

SHA1
66bd9ca88afd02965a99c04ea4220f78a42b1c94

SHA256
c182007e3cb6621427a1f3c51d53f2eae5d508984adb35f605b1967797627ede

SHA512
c056e035d61515847c28543b50ba5b330dade1a815ee257d55bc3da261f7bb5f219f7d7f6cc12ea5b69cc70cf548e561508c06593a8310ae2ef8c91ac2a847ee

Download Submit
/data/user/0/com.gomejr.myfangagent/databases/bugly_db_-journal

Filesize
12KB

MD5
58a2befebe35ea82f35d9a915cd1e73d

SHA1
88097643c88823b23368ceee3eb47bc50a3fe807

SHA256
eb5cc5b8c5425b44ae1d9680bf7145ba4ccd10648381f2ea4866c5ef303091e7

SHA512
309db277e1f0380402e911ec546dec1a7306d4f245bbc83ebb34d05e990c5fea0fffb05fd2fa6302f412caecc10d4d6940403065c974e2b7381c1b11582d1cf3

Download Submit
/data/user/0/com.gomejr.myfangagent/databases/bugly_db_-journal

Filesize
8KB

MD5
0d0bbf79a9f8c7d75ef641b2adeadcee

SHA1
c93c034726276c561df7a863440234ab59841acb

SHA256
7e6b5bb85589499a8a268ab49195b396541616021a1d531bedc4be668f34c42a

SHA512
bc0c3d9f4de7d3721e53f4da8d2d120b22c6b74be2cdb307b85742e3b0df1e0855468091a03ed9b420f9410dff5018ce20420d93cea21032c56130428487630b

Download Submit
/data/user/0/com.gomejr.myfangagent/files/cfg/a/ResPack.rs

Filesize
171KB

MD5
16e3780b2b6b579726c82b11ac403fe8

SHA1
f8ea3ca5943b62f4ed3bfb6961f371e8f7dd7637

SHA256
8bc8e52b3f11c5fe13a63604c0bf83b71728443d92d4da3fa4832066e10fdd00

SHA512
4361d55e46f9c4fa0bd01f13ad2fb3e947a234fc4915a419b3d02b4914583e5d7ba7759a519c202802a3946e887c90d06bf33a3b17156bc9647227734ee308da

Download Submit
/data/user/0/com.gomejr.myfangagent/files/ver.dat

Filesize
6B

MD5
8e31aa8d6b61e8b044ac3346e87098d6

SHA1
70e4050667039f00eb5231bd731b9f3cb5daf00b

SHA256
d2a616114953901b1bbbb79a9be694acc0aafdabc1df94f46002bcd6b75b3a4b

SHA512
2935b5e37639b7c631aac8d5073a200d56471b1a06858c0e3dac03e03a89758743b023cedd1ad703e8f775114b39ee0ca808165188c74359d6b1e47fa7e171d6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads