4deaf9b563854ae9a724ae46ec714566064fe5fd607e2880d742b240b9952f79

Resubmissions

15/03/2024, 18:37

240315-w9rt9sfh6w 10

15/03/2024, 18:36

240315-w8z49afh4t 10

15/03/2024, 18:30

240315-w5nxtahg83 10

15/03/2024, 18:28

240315-w4s55sfg3z 10

Analysis

max time kernel
47s
max time network
157s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
15/03/2024, 18:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

rata.tvcreator_v1.1.apk
Size

13.4MB
MD5

aa725d2639cc248c60b018159dd753ff
SHA1

f46ea732a40b3de67283e8e43b24bb7e71e86380
SHA256

4deaf9b563854ae9a724ae46ec714566064fe5fd607e2880d742b240b9952f79
SHA512

6421936323db77cb50a51ffa79e3d45503fae1cb523c709f7ac155359ec8bf26dfc4dddf1f20c875689c95784b6a37c83688d03527b810d15a73ba877fa681aa
SSDEEP

393216:mT3XVpmsqRSeYhRux8uIFdzDYFk4rVnbbE5:mDXfmsVh46dMk4rVXm

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/product/framework/com.google.android.maps.jar	5098	rata.tvcreator
/product/framework/com.google.android.maps.jar	5098	rata.tvcreator
/data/user/0/rata.tvcreator/files/audience_network.dex	5098	rata.tvcreator
/data/user/0/rata.tvcreator/files/audience_network.dex	5098	rata.tvcreator

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	rata.tvcreator

rata.tvcreator
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:5098

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/rata.tvcreator/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f6f7f16cb21b9702765501234c8a376a

SHA1
26ef8a929f9fb05f3f4aaec9fc809776260a5dc4

SHA256
85cbf84df369573b57ab1b1f08a9e5fd65e922cd8210e331495d0b836447faaa

SHA512
84b8ef028366352662b401c303dba02d0ded34b6d1474f3a2a4e556667d9f6bdf26f7d41426575bcb96590a2dc2732d31010947eede26e730ef86fd1138489bb

Download Submit
/data/data/rata.tvcreator/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9a12ded5f32ec234b50ff0cb58a44dfe

SHA1
5163aff5689724838f05278d03e9eae5504ec371

SHA256
4c481242f6fc9ef5b430c95d4fbe3a2cc463ceb5aca324c3d47882dd0fdc274d

SHA512
5427f2155338d8113501ec35ce5ac0157bfe322ab212066052c74d6d8a6a867612f91eee955397d2d752aaf27664f22a8bf1550d4518c12187aa10de4cc47f4c

Download Submit
/data/data/rata.tvcreator/files/audience_network.dex

Filesize
244KB

MD5
c3f5091d2db8252caa1967726c6651d5

SHA1
bb90be8a67a4927304ed4e2790e097be2813464c

SHA256
f49321d9494237f6a7c9260f0c5ec3122f3b5a671dcb332fcd99f62febb01edc

SHA512
6d72efcc9db7ce6d11ff38abe683fb1b2f84ad0f54c932a8f2ccdde8c720a9a44665fec4c3e247ca885c168f52ab3571ede8b492eeb0c01197c67831da89f9c9

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
8df9662966e5dc3f354ef409f7168021

SHA1
427e93ad823f67aca85d2d889dd6aa42bf1d5dd5

SHA256
a5deccd5c26f2c126cc01b48ce9a1da715378c222513763226505f6750c3f27e

SHA512
2f291de17510241d270231a5af50af0756371a9827988d421fc1eaa4c2b7475f5f0d9f88acc3ed8d1df1dcc9286a204b608988d25c5c1a2a929b1b79e93c50e2

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/rata.tvcreator/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
6db1eaa7d7ab121f933732c487afed18

SHA1
96226658a3e2f718611baa69a0a69a7951b39f0e

SHA256
478bb5d13fb31516f436e6d8a76a1b67f6cb9daf2770e39cf18b3311c9343e46

SHA512
940a65d0dc6205e2369a0093d3df5d3cb3fbdb92bce64972c163f858b8c07051505d3e912da6d81958f6c069f53d22da686991ac747b480d1e616983dd86fd92

Download Submit
/data/data/rata.tvcreator/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
3158a438e5c5df17811b140e7f17bcfc

SHA1
fbdd23b64a639e5b3c44f0fbc3da097471102fa7

SHA256
7fc7385d78f90d8444d7490e99ff2ddd2f87a23772fe66c9bcc9a8c76e6b14b7

SHA512
1f7f4094be671f1377aa000ff6af88016a735af9d8067b6d06e05fdf45fc7428c7884ca2bd311b1efbaa67e4f73c7a4db5e81358169f87ab87cb60d970def547

Download Submit
/data/user/0/rata.tvcreator/files/audience_network.dex

Filesize
3.2MB

MD5
692c6b1b89702297c59bd34c4bd1fa53

SHA1
f38cac946f03d7e869018acbdfe0ed272e11b106

SHA256
920e465a87a2409fc8d7186ea4e319c613c04d156bec75e8b91cb4d07b1deb75

SHA512
927048402fb314ef2624776b27317a6f996ea6b3d697d66b8b213d5be9559f24ae0dca8d2f8a9350d32310b8cab071933936640641d297ba522b3af60424df63

Download Submit
/product/framework/com.google.android.maps.jar

Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit