Overview

overview

10

Static

static

10

144778790d...8e.apk

android-9-x86

1

LenovoSafeBox455.apk

android-9-x86

1

LenovoSafeBox455.apk

android-10-x64

1

LenovoSafeBox455.apk

android-11-x64

1

LenovoSafe...15.apk

android-9-x86

1

LenovoSafe...15.apk

android-10-x64

1

LenovoSafe...15.apk

android-11-x64

1

nb.apk

android-9-x86

nb.apk

android-10-x64

nb.apk

android-11-x64

530b4f4d13...5f.apk

windows7-x64

3

530b4f4d13...5f.apk

windows10-2004-x64

3

bd8cda80aa...2a.apk

android-9-x86

1

bd8cda80aa...2a.apk

android-10-x64

1

bd8cda80aa...2a.apk

android-11-x64

1

cc9517aafb...c1.apk

android-9-x86

1

cc9517aafb...c1.apk

android-10-x64

1

cc9517aafb...c1.apk

android-11-x64

1

d257cfde75...20.apk

android-9-x86

8

Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/03/2024, 01:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    530b4f4d139f3ef987d661b2a9f74f5f.apk

  • Size

    27KB

  • MD5

    530b4f4d139f3ef987d661b2a9f74f5f

  • SHA1

    cf1267119890c3b663fbffe5fbf4d8116316d88c

  • SHA256

    fa538fc20af8aa198db5e932b2afaf9710633a49cf3e19b7465175520e3e8b47

  • SHA512

    bc86a69e2a525bcd951d336b97e5ed99a75223f969b5ef4c77293b9a04f746263eaeb4f164e0c31389801c294776d30bee8df6584ac102196902d09d5f100eb4

  • SSDEEP

    768:20gSC730q3+QRzjuBR8zlZtkDd1BKgTeawda6I6X6l64vfiobQTbv3yHtAN8a1LY:2Be/c/ShUWaRW7

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\530b4f4d139f3ef987d661b2a9f74f5f.apk
    1⤵
    • Modifies registry class
    PID:4208
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads