0cc18aa0a58ac84d39ea0d681caa378f0c85e39fff230b85239fec5960068870

Analysis

max time kernel
134s
max time network
160s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
12/03/2024, 17:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c3fd36103f617324d4d2fa833989096c.apk
Size

4.9MB
MD5

c3fd36103f617324d4d2fa833989096c
SHA1

f12b9d0c224e0130e33af012b883c6405bb32503
SHA256

0cc18aa0a58ac84d39ea0d681caa378f0c85e39fff230b85239fec5960068870
SHA512

8d4b97982f18c67d90f074c518ea496ce2ba3add85529903108acfe266de02c9aa4c93b93e1fbba99a08658a78fb788450760a2d9c7983e65ed9a9eb195ea00e
SSDEEP

98304:U7pojb8O89LBkmUVyt1CXzTAy6ndf8GDLPGNw9PSqflLO0iX:U7pTO89K/VOCXfm98GPuq5PS0iX

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 2 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.contextlogic.wish.hack
Framework service call	android.os.IPowerManager.acquireWakeLock	com.contextlogic.wish.hack:Metrica

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.contextlogic.wish.hack:Metrica

com.contextlogic.wish.hack
1⤵
- Acquires the wake lock
PID:4313
- /system/bin/cat /proc/meminfo
  2⤵
  PID:4565

com.contextlogic.wish.hack:Metrica
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4348

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.contextlogic.wish.hack/databases/OneSignal.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.contextlogic.wish.hack/databases/OneSignal.db-journal

Filesize
512B

MD5
280d8aef0629602511272aa62f993e40

SHA1
115c5f5dfb7f8637959c475aa590ca158d350df4

SHA256
565e373678c21f34ccad615083c22730f379d64f25520af9550509c0b214e7bf

SHA512
0865bb52bbd62c485b5baf45bf298208ffb13582f63a76af9932db73b044757da9b0cd8e4cb4805449797310d6bbcd7f018c5454860335e9f7ecd3ced786ada9

Download Submit
/data/data/com.contextlogic.wish.hack/databases/OneSignal.db-wal

Filesize
44KB

MD5
fb5d248b8781395404eef8b38b04221f

SHA1
fb020eb433bcb570526141ecea612c49ae4ed30b

SHA256
b7cc0ee24aa38827a352e2b2cffb9968e943c844a3ede5df1f578e9e66d0da42

SHA512
5335f213a2667b17e4142a9ad613a16ef4034bc3fae055d32fbb1cc62a2b7df73bc17d85877cacb5d633d141f769fcf103152dea5ed91ac33fbf887d763e6ae9

Download Submit
/data/data/com.contextlogic.wish.hack/files/Mint-lastsavedfile

Filesize
34B

MD5
c2f59b190a9e4eb9614155a9947f40dd

SHA1
a53a0898b2720974fc151e4af4748e4bbe84221b

SHA256
d8d89aa97b0c8d4b716eaea6715ba4f1c226bcd6b20c059a08220a5fb2ed8917

SHA512
737fa19b7c1f89ea06bd907f174d7fc7c6443e081a7b45748c6acd6a2e9b545c3e5b10ed2d4b4814f913237af2ae16616055f4cb0e64cf41bc80ffea43f0e81b

Download Submit
/data/data/com.contextlogic.wish.hack/files/MintSavedData-1-1710266125417.json

Filesize
3KB

MD5
fae790ffb64521d5267acc5ee291725c

SHA1
def6eff40fba055d0f5daedac0500b37be203c3a

SHA256
34595d03e1b80210f1c945d2d7489d5b16f303011d9ecec7dcfcb090b567507c

SHA512
99b1662533c6eb8ced7c05e6bbc2d2eeb8c74260fbcbcdc972bd3aea348c5f6ba8a55991760a1c589ae1ef408158cd3eefeaf21ddff40cedb00237fe68454040

Download Submit
/data/data/com.contextlogic.wish.hack/files/crashCounter

Filesize
2B

MD5
b026324c6904b2a9cb4b88d6d61c81d1

SHA1
e5fa44f2b31c1fb553b6021e7360d07d5d91ff5e

SHA256
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

SHA512
3abb6677af34ac57c0ca5828fd94f9d886c26ce59a8ce60ecf6778079423dccff1d6f19cb655805d56098e6d38a1a710dee59523eed7511e5a9e4b8ccb3a4686

Download Submit
/data/data/com.contextlogic.wish.hack/files/lastCrashID

Filesize
33B

MD5
743168f4b98e9836a85299bd3a394293

SHA1
edc36b306a8ac731454bb901a601327ac1ff1d67

SHA256
95285d7c90069c19a86882857774f7d3e9082ccdac7dc4ed9225d5496a459d73

SHA512
8e5b0116753b86eca6bb651f5074a1e2e3a385fd6c536c1f737d4cc70b3715a43eff828e6da105130fed49903476e0ee4abe75388a6b88e7ad917d8e483e015f

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb

Filesize
4KB

MD5
6d3ab4d2958278760f3121859442a89f

SHA1
3eaae8bdc16b64d662c215014cd13feb34a52f52

SHA256
e27df07c3e3a64846100c74043256a38e61325c91b28443cbe1dc834a28d4b83

SHA512
a0ec08fdee0953f3faa9638782f011ecae932887bbbd0c434a4230c0a7809cb249b009d8af1868ef297c03cb22e2a1f9e30b2f4dd5b01cc7af8e24e9a7746990

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb-journal

Filesize
56KB

MD5
84a66d9dc746654e3bc12dc9f1b620a6

SHA1
9da38af356cecf01b11e130374bc850045742627

SHA256
b53566ac57aba87de1ccf52ced42df7dfa2d6d68fd48a00c72edcfacc6cdc5f6

SHA512
a7e3e60e15a8fac1e48516994269b30167b8003bb05c1b749605d87510e66a2d7a0ecac9c13e0e3af255672179db5d3de880b83ada97165e829d232516baf4f4

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb-wal

Filesize
28KB

MD5
0159421fdc2301848c7d439e7f9294c0

SHA1
52b9bde83ad20f332b528a7d6028956797ae1879

SHA256
b4e031ecb9477f0800e3e2fb493136c39d4385c6f91c474d551b31c21c0baa52

SHA512
5c16c749b335ee5dad91562e4d00882285793a3aeb90b6a1e09db9d20f4a8950c135c42605c6bc1dd6df56901863c842e62231f541355c906e9d70576fcdd669

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
0065b25fa81a00419f5ffed60ff2fc8b

SHA1
6d0fe73d7e7425d527aa428d09b0b6435af771e6

SHA256
2cdacb45742d0581e02bb3c33886954550ea3b999f49f1edc8ff5046fcc4672c

SHA512
7fd587a07690e3cc3a7682964a80dd8a18612639b2c5c3f59ca1f5d565ed5bf78e30879ca9f9bb5be71c0ad6bd162d74f05962534a7607cd5a0712781cea058a

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb-wal

Filesize
116KB

MD5
5183fca019c433f1b1e5723d86e6292f

SHA1
b5212c42ce05bd4321d08ba4142089d3d883aa18

SHA256
941e3dbbad8a119a81126643024aca18783122602a052b6396774d9eab6e97fa

SHA512
4e3dd33292249a22423a55cb06d5ec944029df58ef4216975240aebdd54067068f0774edada8e3e8a10c258ab013a818f55a746c167bfb45c3296907b7366054

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/androidx.work.workdb-wal

Filesize
188KB

MD5
fee13c8d23c709c26c92a3804b57410f

SHA1
08da8cfbf2c1cb8e52ee6da989058288e11ef296

SHA256
40254c3eaff6927a6ce70910da27919f2edc8be6c9ac1bd7f9df09128422bcdd

SHA512
73ed4243f6d9b39bd0f149e5fde7752e3f1f6f23baf4243e3374d1bcf932fcaafcacc7917993c4501c416f11ff06d557c85c7bee9a87db93d87c1b1f4232a3af

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/db_metrica_com.contextlogic.wish.hack-journal

Filesize
108KB

MD5
f6518120f093fb29c8eedd37bed835e2

SHA1
3baa7e189ac3848e8f5498a61b8cedc85c868ccd

SHA256
eb4c8e689f74e0bf9239fddfcb6f4e4ccce41ba1703d5a8ec5c88522b06ab3d1

SHA512
5b2258026eb3d613797ef3151f38451719257261a3ed2c9409214a5b7076b52b0dc4866e73aeba6faf539d016325980e940232151cef8def1e42aeb832dc05b3

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/db_metrica_com.contextlogic.wish.hack-shm

Filesize
28KB

MD5
ea87b0dcf2cb24be07bb7552e51ca6f4

SHA1
3c7483b2a881e3a5156493d050fb6a8a6ef42aa9

SHA256
d92b1b04554f78e4038b1b2c2f47c889c8a2272df08a1b02a5484ea93b9807b1

SHA512
0ae12a5b89498cdbeb3242bdbb08b69dfaf24c1377a67716fc5b73240f6ff8a2573de6ff7fa3e3c405f9f500f2885c46764bc35907258912731b733c6263b10d

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/db_metrica_com.contextlogic.wish.hack-wal

Filesize
16KB

MD5
7cac2b73e01649a764e9b46c283cb940

SHA1
dc83c00d2f90a8bc8d91892b06a7f1ea536c999c

SHA256
8f8666174b85e578ac5097a6302d2aeaa5ff33770ed6e884ab1ca15f04c0f6f7

SHA512
2fd8ec953ccacc93df4a8e6a3add2d7afadb8dde5ca392be18c34d8d2e77fdc6508c6c6ba397529c17381c20d14e03107919049e940de893d325b723181766a1

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/db_metrica_com.contextlogic.wish.hack_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
668B

MD5
5776ffa37c001d9007374429ea41e8c1

SHA1
703fb620f148ef2e307e474d16c99883416cb73f

SHA256
240fa99680ac4b9817c5f202715816597f83726e28cd90f6c45a868769a6fd62

SHA512
3bbf8f1d1958c6ba2912a6c1e7a505961ea35f2e6f993fdf292699c4868e336ec54c72dd1239c2b3f9f6f9825c7c0c91f998781f22e5130852792746ffc94012

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
bc674b9822dc0f63d98be73a3a054190

SHA1
982b88416915dfaa63e14912fd013a22fb0824e7

SHA256
8fcb25b11f4c5a59afb448ccc116ea3268d84d1a862d7ff13832b08877c28891

SHA512
f05a125595ce6cad96875e5b06d65f04d904df976feeccaef7cb17b439047a278a6606fdb7aa9f203c8560ee8a2efd55b64feb2c1fd5df58dce01099315643a7

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
ac26a375d5d673c2a7b39bbe42efacaa

SHA1
a7384db83f153cce2cdd67a97a20df068f6ecd67

SHA256
001ea8b38280af72e70a8168524cfb2b07a711040948397d36fcace03b593716

SHA512
45e1842b55ebab067e53fb3c6ab880c0a652a951f26c1cae5363f429207db5f1aa56c821e89973612b73f9c0d186561221b6129db22e447ccd421b40342dd6bf

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
9deaea7b0391429af4986107df7d1cc9

SHA1
ebccd7780ca5033f1837041d3fdbb65b3fcc69f6

SHA256
c3d456e05f429ee6eab221de0a9150036484b4294ed4784b4ce144382ee95e5e

SHA512
bfe64cd416ec73d552c22c9df3b6152c97288857c26c5644da1499c7d56da9688dfa4d57d2a95948e249a787a62ccfc2c52624d882f438b01408447f3c912e7e

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
f8245320fcb01da479b4c7c430a51e23

SHA1
084cbec91a5498754cf87d3adf4dcee59e8d3e4f

SHA256
65978cddc1520a1a27d60321cc4552647f59ef665f539022ed8b5270197e5e9a

SHA512
35717af08a2bec68f90f9cc53a3e21ecc9f27a3f51ad06b913940472573fab5f14c67431613ca29d62d2418e80de6e8d223c706541d75bb7c6f6395c7e78c77f

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db

Filesize
20KB

MD5
5ae1dae9eb36649faeb07a94ca96e7f8

SHA1
9056cb35b999726d6576ef6ced55ca9228cb97c3

SHA256
62eafa0fe191047857cbfdbd6909930487f2216d260b4be27fd52e3cff6086d3

SHA512
e33d2cec8122673da3c8ffc788bf2984eac878f7dada265485d960a886ebfb00e17b12a30b546c959bc04c62a31d5646fda748df693e0bdafbb974abbbe77c1a

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-journal

Filesize
512B

MD5
430e6cabadace4f79ef2611a18c432c6

SHA1
633a7640ee8ce97ccd80c67f65e9d54c33cde3b1

SHA256
e61f156111b967f19a4a4d3903fd3924a48c8538f2d26809cbddddeec2045337

SHA512
ba478277578d0b9af7774e900ab698755e9ff1d462200ea0b23b3dcd71a32ad90ef6113d03147359b31c253fdfe39d5355ce8fe6d3ef1e903267334a3ea46d9f

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-shm

Filesize
32KB

MD5
b8e98bcdf954d1f238154e228b92ed46

SHA1
6330ce7250bf7479a22d23356d8944775ceee707

SHA256
4233968decef72b0d334880910afbaa3f33ec380688ff77a7052b4fc5924395f

SHA512
8e82a7eed46a48259e30384a33be717c6d56c9980c19574cf63fc41abff352fab5b5491cec05eff5a666dc5907353e29e064b9dad25285266bc8d219662a7061

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
19282924b85ac7869fdca9d9e0782082

SHA1
7aa591620d624b60b5e45e0a2408b1f7bb82ddbb

SHA256
12b6ba368e727b79920f1139853f8e8ec64c9761538370dad68cd0149dbd9052

SHA512
f8f089139e57c2ca4385c0241db6d4a324ae7ab9ce1e46398ba8c5fc8f8d666b843726403c99bedcc4674518c8cea9f3d8138d0fe11a3cba858330a7eba421de

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
34198ef779ccf0f6f02b981d24436d20

SHA1
5952ae4906058c8fd926caec20a230f18f1dd0f1

SHA256
574f13595886643ceada90db3f6f7932e96438cc38869c8380e7257bb17ad943

SHA512
8075b88f2c442797d5476d56a9be2f3d06f8220000e01919e50a8f5e047908f42d01ce43a754317c418007466d5132b2bf3373857f9db4b190f4f637ece9bb83

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-wal

Filesize
32KB

MD5
9279909b0124757084a18ed979614959

SHA1
02b2b1f8605cd3bec3709de42547ee2a518aacd3

SHA256
1a0e32e08b1114e9c19451ae37d457879a5a01aa0b86b73fcd58255590973083

SHA512
1b98363e0d42084314eb97dac4e74bf9b1f433d9f3adf9cdb85b32960b3e0396e82d03ad3e2e26c02965be6f854336aa1e6775282cfb2d4f6e5448c4458c8ba9

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
9ff4f809a1b63ee3bc7ad0513c283694

SHA1
342bda1109401ba115b3377b5806db1c884c5119

SHA256
ce3ecd063b17bffedb353e6af2e9f3a90db959749e3e8911360a359cf5a61227

SHA512
50bec024f6514d62d32f27ce21001f4be4e00313c43a4d1bb15e73955b4216786817699485938f0dbedda62817375f06bfbe6a31802759f31baa39c3ee4734b8

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_client_data.db-wal

Filesize
8KB

MD5
e4579ec5c9dfb7fa6799d42e370a693d

SHA1
565590b2e5b8e0b98d179873b7e0df240e157ff8

SHA256
b462bee5bf6899295718918620d9e9f594686c1ff46eab0a66434fe46421a983

SHA512
09774bde24a5533014c5dc03ec8e0d1d61e86ebefa27e2088b789043cd3c51d3083192bf0923950304143580211e885691a4f1620d8fe5b973d163fc0a9c9611

Download Submit
/data/data/com.contextlogic.wish.hack/no_backup/metrica_data.db

Filesize
20KB

MD5
adb7b33eac8f43c27d36c8d9a939a3b6

SHA1
73ff5abeffbb10c20260081292432bfdfe608dbf

SHA256
62137d440010fde40907dba3bd095a5ae4a731369963e4acb5891ad826da3ee8

SHA512
e878b502cadf41df3a5c106a79a94d4d1d1a8d044abf3ac425a5142ca3eb5ad7f306ae25c32fc87443c0723a7e114d2930e3d3ae62f89c5972dd9d7984b20149

Download Submit