4deaf9b563854ae9a724ae46ec714566064fe5fd607e2880d742b240b9952f79

Resubmissions

15/03/2024, 18:37

240315-w9rt9sfh6w 10

15/03/2024, 18:36

240315-w8z49afh4t 10

15/03/2024, 18:30

240315-w5nxtahg83 10

15/03/2024, 18:28

240315-w4s55sfg3z 10

Analysis

max time kernel
47s
max time network
60s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
15/03/2024, 18:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

rata.tvcreator_v1.1.apk
Size

13.4MB
MD5

aa725d2639cc248c60b018159dd753ff
SHA1

f46ea732a40b3de67283e8e43b24bb7e71e86380
SHA256

4deaf9b563854ae9a724ae46ec714566064fe5fd607e2880d742b240b9952f79
SHA512

6421936323db77cb50a51ffa79e3d45503fae1cb523c709f7ac155359ec8bf26dfc4dddf1f20c875689c95784b6a37c83688d03527b810d15a73ba877fa681aa
SSDEEP

393216:mT3XVpmsqRSeYhRux8uIFdzDYFk4rVnbbE5:mDXfmsVh46dMk4rVXm

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/rata.tvcreator/files/audience_network.dex	4466	rata.tvcreator
/data/user/0/rata.tvcreator/files/audience_network.dex	4614	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/rata.tvcreator/files/audience_network.dex --output-vdex-fd=89 --oat-fd=93 --oat-location=/data/user/0/rata.tvcreator/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/rata.tvcreator/files/audience_network.dex	4466	rata.tvcreator

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	rata.tvcreator

rata.tvcreator
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:4466
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/rata.tvcreator/files/audience_network.dex --output-vdex-fd=89 --oat-fd=93 --oat-location=/data/user/0/rata.tvcreator/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4614

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/rata.tvcreator/databases/google_app_measurement_local.db

Filesize
16KB

MD5
154582d0677a15ff43f037f3fd296326

SHA1
f81e00f9f7f31e5a086c0b9522dbdc498e25ebbc

SHA256
157ddcad0c0107b879f4b7d1380b9ae5a3fb9e62ab3e35a593eb930f93a8cc31

SHA512
0fbbec053122e8ba009555026dd96d76eeef76f1ff136ac7b61775feaaaef11a7ac4e4e36ffce1b9b41d96f8fe66bb5821935771fb34fcb20c981cc82e9060ff

Download Submit
/data/data/rata.tvcreator/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
56d5a5274d437db7c800aff497bfad3b

SHA1
56087cac95016d8fe4344a2ab97625197515e4ce

SHA256
5529b72f0d24c0bd2fc1695ee81df8818bde58cd68d9d8fcb3c6adcedd5e42d8

SHA512
ad9f3a8c0cf8562035f09f1fe8b5c41842c8a038d45f8d8d07171a50ff189364987e9e7c7570409102ff85cce2a58d55b275d10ce82b21df8d2f4650dadb4ec0

Download Submit
/data/data/rata.tvcreator/files/audience_network.dex

Filesize
138KB

MD5
258f6aa1796da924da183c0bbd124534

SHA1
2d651e77742c6acc1b90a64ef2154a1d2d59cfa4

SHA256
245f10c004373369f08059a3d1ce5f26eabd26603b715affa8cc7b5e5d9dfeba

SHA512
6a67cc6a166890680dad8ba8ca391d583b01c8974dad4f8aaf140d26ab627d0aa52c4f7aa665a489f0fd3e26c8b7e5e50339f830513bcf7ed9448009a209a800

Download Submit
/data/data/rata.tvcreator/files/oat/audience_network.dex.cur.prof

Filesize
345B

MD5
c5d0021da764cd51346983b322fa4fd4

SHA1
d20c264f53038dc3ff81f3907c283f5f179011c6

SHA256
4585265f02c3b02f18960c1f65413d83666f5416fd0488e6999eb75dd300c9fb

SHA512
b5bf81fa461bd3ad25a12a5b134f5a57232bd7aa40afb9b1e03831f28da0589f0c5ca4f08a75bf870ae62a44930287af990d054bcd2259f66f5ffdf847907b24

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
c1f01684b56395f50f7639f3754c2554

SHA1
470d701c56785ea34bf68d4d972a15576f92ecce

SHA256
30bf2927a607e2538fa1ac492a5a2a0f8e6c56de21f0dac052a08f14241b99ec

SHA512
fc1a4bf2aa6b1d4f80e7a29bf681598caaaae533161daa287a5a60ce2a9587d1d9797dee0b02cbc1208ea83214a4e756e723847c41615c5700756fc851467950

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
e12ee3655925afd4cea97d14a20ec82a

SHA1
25beecf7c8f88f2161cb68194d74005d2db7d09b

SHA256
0d21f6b78ef6dc4ce3510592d42fbba641ea583bb151a4ffb3c0d33c903df7ea

SHA512
e2dd3642d25420699fdafb9f7ec205a5b690bcb891ab846665626864e37370f7b73d9cd1ea26b7d38b81e94d3f273062f88d689ec68e6af63a4d20766aa977eb

Download Submit
/data/data/rata.tvcreator/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
c4cdd71a3213d092a6b3cc0a451e3ff2

SHA1
bd8a09a871c9795bd13ca12e6e5bbf3ae8fbc714

SHA256
6d700a507e15353dc7e8f25c794d82119bcb43d69bf79bd9376a8c0fa9bad0cb

SHA512
1da670f7c95573ca90421984ef240d62742eecbd7001e70bac2c109d8c30f40d788504ead70ae31da62600a4520b8c8fa358fe5ca5b35c0b72abe2fe63f99e5d

Download Submit
/data/user/0/rata.tvcreator/files/audience_network.dex

Filesize
3.2MB

MD5
692c6b1b89702297c59bd34c4bd1fa53

SHA1
f38cac946f03d7e869018acbdfe0ed272e11b106

SHA256
920e465a87a2409fc8d7186ea4e319c613c04d156bec75e8b91cb4d07b1deb75

SHA512
927048402fb314ef2624776b27317a6f996ea6b3d697d66b8b213d5be9559f24ae0dca8d2f8a9350d32310b8cab071933936640641d297ba522b3af60424df63

Download Submit
/data/user/0/rata.tvcreator/files/audience_network.dex

Filesize
3.2MB

MD5
dbefc015f722b31d41e6ce0dec958f3f

SHA1
64b526a96766345c346f226935b612a2e203d1c2

SHA256
2c5a36ebc9ff0ff5bb2e1e53949f0ee6c08b368bfc0ec4bf9f6b8d9175cbd8b0

SHA512
94b410d1db8bbaac796078fd7e83933c3db6b38fdf26cf5ab1b5bee9d0612455a17d264f5fd0570181beb16d78b6d69be0b8a798c45ad4dfd99d4e1eb9ac9767

Download Submit