Analysis Overview
SHA256
1773821368ba2d64667bbeecce5d6b42c943e6e93a7ba435cf420ae97d4c7b2c
Threat Level: Likely malicious
The file 1773821368ba2d64667bbeecce5d6b42c943e6e93a7ba435cf420ae97d4c7b2c was found to be: Likely malicious.
Malicious Activity Summary
Removes its main activity from the application launcher
Requests dangerous framework permissions
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-13 12:30
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral3
Detonation Overview
Submitted
2024-03-13 12:30
Reported
2024-03-13 12:32
Platform
android-x64-arm64-20240221-en
Max time kernel
155s
Max time network
164s
Command Line
Signatures
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Processes
com.tuneonn.healthtips
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| GB | 142.250.200.46:443 | | tcp |
| GB | 142.250.200.46:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.169.46:443 | | udp |
| US | 1.1.1.1:53 | w.gtrconf.info | udp |
| US | 3.141.96.53:80 | w.gtrconf.info | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.180.8:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 216.58.212.228:443 | | tcp |
Files
/data/user/0/com.tuneonn.healthtips/files/Config
| Hash | Value |
| --- | --- |
| MD5 | 266498062a5396207fdac7677f8c7ab4 |
| SHA1 | 291c49ed209258a11ea84048a7d7a43e82586f0a |
| SHA256 | 94686edd94606edcda44f97b53f1718046528de7dbcb7ce5c510daf022a8dede |
| SHA512 | 0fd6bb1970dd9e9b9e2c7f368402c9f3108e37eca8384967a7a4b3851f872adaf1ec415e51b70cf5f7b1dd06e6fc461b3d22105be982ca7c84ff2ccc32d536a1 |
/data/user/0/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 96572ae414fdb16367efeb21ddcc0469 |
| SHA1 | eab63c8d8c46288b479c61004b28f95288a0d907 |
| SHA256 | 6c7e9a1703eaa983e5a6066739aa5e1d5e6f39ee079129521152ca52d5abba6f |
| SHA512 | 89c7b092bb499a6abfa99745c020cbbe59e93451f3af0281bad387e7e7128434293e84c2d80b9d52cf2486562722e3a581788788c08c02de01b371f56acfc4aa |
/data/user/0/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 48342ac8e517b7434942c0573e105ec1 |
| SHA1 | b806f3134d3579ea0c2dd981e6383d8a6f510915 |
| SHA256 | 49206517f076ad2b53cce11e86c8680ab5a3a1a4424bd54d4ea7e03973538fd8 |
| SHA512 | 78bdb31e251b6d12aefe62b1e1a298d7c701999d12dd817c7254511480f46049e9ef11eab481aab09ade8b545c37d0b9270719459010abaca4649af2ea38b5b1 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-13 12:30
Reported
2024-03-13 12:32
Platform
android-x86-arm-20240221-en
Max time kernel
150s
Max time network
132s
Command Line
Signatures
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Processes
com.tuneonn.healthtips
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| GB | 216.58.212.195:443 | | tcp |
| GB | 216.58.212.195:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | w.gtrconf.info | udp |
| US | 3.20.137.44:80 | w.gtrconf.info | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
/data/data/com.tuneonn.healthtips/files/Config
| Hash | Value |
| --- | --- |
| MD5 | 0d2c8c3ed1b3ab72e2df454f54598e7c |
| SHA1 | 7e505e1c6f80686de315bc22a06585f25915fbf2 |
| SHA256 | 94d5887ef857bd018a1606eafb20e61c319c38a63208bca1a9651aa4a132135e |
| SHA512 | d5962fe12b0a481f08cec17475e292d2a171b662d4e976aa3288a56d1727796254fb50b1673ed1c89be33843c8e1436ca6daf82d19b18d993b45e7c6e8f7c9dd |
/data/data/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 4304c7415ff67be90496ea1ef90e686e |
| SHA1 | 9e44aa7a8c5bfc45c04db5cf5e221dddb0e388e7 |
| SHA256 | a7d0dba3fd8dbb1fec54bc7c0709c5e4d6af377827df22cfdb0571ee97f02950 |
| SHA512 | 5ebeec34c93ffb873fd383275bf88b493490f193dfc565179eec7a00f92e88409242daefdafa6d06b87113ba6ab8aa22855bf0d2e9788deae07a6767a1ed0973 |
/data/data/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 93e967055c2ca0fd170677de3cb89402 |
| SHA1 | aef0ef1c104c6b9ca339b4f0a5ae2fd6d7f19daf |
| SHA256 | 71d971c42bd55babbadfa2fa340cd06afe641fac6b5c1ba461faf3ba0ce15d2d |
| SHA512 | ea0a8fa8f9a316ecd80b4ec11515a4f09c95ccb2c7c764f0c6aac1e69106f05ab0c5f80e01dcbfe7372bb0c0a5f259ce79bf30f29d12f9a3140dee9423391636 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-13 12:30
Reported
2024-03-13 12:32
Platform
android-x64-20240221-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Processes
com.tuneonn.healthtips
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | w.gtrconf.info | udp |
| US | 3.141.96.53:80 | w.gtrconf.info | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.169.40:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.200.14:443 | android.apis.google.com | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 216.58.212.228:443 | | tcp |
| GB | 172.217.169.66:443 | | tcp |
| GB | 172.217.169.14:443 | | tcp |
Files
/data/data/com.tuneonn.healthtips/files/Config
| Hash | Value |
| --- | --- |
| MD5 | 2170a82a918e3a83d09359e8713d3f97 |
| SHA1 | 9c39adab54d53e6586d0a272ee639bd0c747ab5a |
| SHA256 | 7085db88ae7bb390a23a2c52f3a58da0b10f8c5fc75c56d2dd1f938839e30f95 |
| SHA512 | 49e7c846a54c5eb16a5df767e8d9784f63da8de3fc66788bfe77c116a06032a516c4f8c2e6ff0b1aa86139687f38cb1ee9cc333b705327e28c4ce772b95dc3ed |
/data/data/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 52afe9b5e624c6f5bcb9fb043a0fb6f3 |
| SHA1 | c2c7b3a262f70577c6165d49890649283439b1c8 |
| SHA256 | 8ded5d996f7dbe3c48c739b70b685c31a573eee8cc01b8634c86914a934a8ede |
| SHA512 | 82a70a515045c3f53726b10466ecbfb9e865693cae6421fd20f808e7e40af39bcaf7f1a0a4699a4d70718e9f5ba16ac7c5078e95fc7f59a25cd3f8d1b3e19c62 |
/data/data/com.tuneonn.healthtips/files/Timer
| Hash | Value |
| --- | --- |
| MD5 | 53a1b1e09680ae942edb44f2baa66d51 |
| SHA1 | 718fa79e6d70b625604820b37656b8592bd23e16 |
| SHA256 | 1af56607c65aec630f119a95a5ae5ca7f9f968ab53470c2b7012752f8adfe122 |
| SHA512 | 717ae18f19e037899921262fd70e5363a564c811154bb1917d99c74618ae525f7fd14bd57f54875eb45024c01f6a5618f5275e1491940e8824b4852e4338a93a |