Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
  • submitted
    06-03-2024 10:18

General

  • Target

    b72d2fc730fd7eaf0b922624adcfa91f.apk

  • Size

    1.0MB

  • MD5

    b72d2fc730fd7eaf0b922624adcfa91f

  • SHA1

    45a4134c51fd8ae4893c6d2afe335f1fd0e6fa9a

  • SHA256

    4b20bf30e3f1a2acca6d5f1afdf4775eab72da7e1c9ba58d551b91fac4fd3aa6

  • SHA512

    4082f4bdcf60ebee863175d9579df20ef00ada4f21134e9b2b27a17cc897ac4a2a5cb4f29632242787fd00b7a47f1e56beda2261e10bc2f6e18eb43dd88603f1

  • SSDEEP

    24576:X+iZDzinC0nWoFpV90TX7gcqKSIopRvaKxXJOhz:1XinCeWUV90z7gcqKnevalz

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 TTPs 2 IoCs
  • Acquires the wake lock 1 IoCs

Processes

  • com.tencent.system
    1⤵
    • Removes its main activity from the application launcher
    PID:4180
    • chmod 777 /data/data/com.tencent.system/files/xtech_app
      2⤵
      PID:4232
    • chmod 777 /data/data/com.tencent.system/files/daemon
      2⤵
      PID:4252
  • com.tencent.system:process1
    1⤵
    • Acquires the wake lock
    PID:4273
  • com.tencent.system:checkroot
    1⤵
    PID:4311
    • su -c id
      2⤵
      PID:4369
  • com.tencent.system:checkroot
    1⤵
    PID:4393
    • su -c id
      2⤵
      PID:4420
  • com.tencent.system:checkroot
    1⤵
    PID:4451
    • su -c id
      2⤵
      PID:4477
  • com.tencent.system:checkroot
    1⤵
    PID:4532
    • su -c id
      2⤵
      PID:4558
  • com.tencent.system:checkroot
    1⤵
    PID:4641
    • su -c id
      2⤵
      PID:4667

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/com.tencent.system/files/busybox

    Filesize
    582KB

    MD5
    38051de1af7c11f138c3014fc5b4bbbf

    SHA1
    3975ff218a207c0dc603d7847ae19d277426ee61

    SHA256
    ce9ac842dda26190135c0e0b193772aafdd8f9c160055bed8f5853496a20a7fb

    SHA512
    f8ffac05ead41e939b064b2df5f24f8f5e5ed27064a6a743e0a8b021f8d1cb2b402f715cecfc987f6c923002a23303701470af031a99dc43376f23f0ec030f4a

  • /data/data/com.tencent.system/files/daemon

    Filesize
    13KB

    MD5
    552e94069a5730b29e719e47a12d5403

    SHA1
    16d27fb95dc75bd1ac08dee18b68cfce9375b90c

    SHA256
    04164d2327a06ab507200cc3f8be9f4ad4fa93557c17606525eb046d0dd2c89e

    SHA512
    0020f6d31b056f4790ef818123d700a63e2389d1bf4593f717c4ffbab5d3d00f3f28b3fdb014072807c08b52b9f77e0b07479be3cf399cae221480ef47a2f5f4

  • /data/data/com.tencent.system/files/xtech

    Filesize
    13KB

    MD5
    dab02e406ca86a984267e6466a27e5a1

    SHA1
    137eb11ec78e34cd2c530d54bd406d44a679d29b

    SHA256
    5ec1c3dd8638a3f41500b859854c89641658237bdd93cd9b51e3fd0fad2e4cb7

    SHA512
    0c10df727d14cf1d6ec16123a170f9271a8886abe259b0566385d30e4c0f0a38daf9e7f62a52365b2001e4ca9e0876fe965a9be7d5f751bf126419521a108d2d

  • /data/data/com.tencent.system/files/xtech_app

    Filesize
    10KB

    MD5
    9c2bca7aed931c7be95210b22de655c5

    SHA1
    f543579faeb05c5141659a2f2ac8825107d8cc18

    SHA256
    4dad9f19a430bc6a9a02a1fa55132b39fdd91899c3b493407ff9104bd250919b

    SHA512
    bbf418aba9a97f8ffa0d4c2d96cb854add1dc33d1c32a7de38e67a16551d166295fc906c2eb0b56ddf023f1a36b35a970fef54d11c7b9def218f029b523777ff