d0fbb58cdac0764cc9f68e5cb8f4fba828eb556deae4a12194f088a2d7393c14

Analysis

max time kernel
49s
max time network
68s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
19-03-2024 22:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Multi Brawl V33.apk
Size

278.0MB
MD5

0f57aa442aab37f959b763128a810330
SHA1

ed39b20706b2ea9f195c46a331aba37115c85e0a
SHA256

d0fbb58cdac0764cc9f68e5cb8f4fba828eb556deae4a12194f088a2d7393c14
SHA512

e94f6f27572b880ef24e1a154facf1c65a60f265c1a9742ffdf7c09bd0bb2459003fe8f3da036b7241490f00b57aef04e03408618f9d77dddd0b8f76a915697c
SSDEEP

6291456:wGmT0UlXiynXKMqbeVh2U3Nb5lW+eJq0SbPn3uWk/iRvGh7vHuNw1KRXOCEsi:wGmTbXZXPhR3NbC+eJpq+WkoYuO+Ex

Score

7^/10

evasion

Malware Config

Signatures

Checks known Qemu pipes. 1 TTPs 2 IoCs

Checks for known pipes used by the Android emulator to communicate with the host.

evasion

System Checks

T1633.001

ioc	Process
/dev/socket/qemud	com.multibrawl.zap
/dev/qemu_pipe	com.multibrawl.zap

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.multibrawl.zap

com.multibrawl.zap
1⤵
- Checks known Qemu pipes.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4493

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.multibrawl.zap/databases/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.multibrawl.zap/databases/androidx.work.workdb-journal

Filesize
512B

MD5
7f9780771262cdeafeba3b9e393fd93e

SHA1
77c929bfda4ef1adcd2d1caaaeeca66b410108f1

SHA256
1236ff24ddeccb28ee576c768ac8ba7dc96072689bbe69d9915455e10bb372c0

SHA512
c2ee0230c607a0a29f12a9eb5a0b444690c517e2388d4b1e61d9c366eaf4af5f2d81b772bfe5d297fe2cc703ba0270f023d58954170e1e075a23c1c549cc3a55

Download Submit
/data/data/com.multibrawl.zap/databases/androidx.work.workdb-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.multibrawl.zap/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
9e935f1cf69401dcc08648b7c4ec82d4

SHA1
2f98327d8a18a7ae8c9badd069a1378c0e7a10cc

SHA256
43116adf72bb9990a60f6c12473d9808d872c03996ef8e956964c1e4cb862f9d

SHA512
89a0765099abf3746d78ceaf808817068849d8cbc3e967ac31c0698168446f216f50e592bbbb8083d792565d77c52e442ee6e9c3540b01c172d2ed8650000c48

Download Submit
/data/data/com.multibrawl.zap/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
0b6f1ee83bca6db088ed194406d6bb43

SHA1
518315c73874a52ffe0faffc54a8c950f28cc1ba

SHA256
2f13c8f250d7f7304afa1408347255341bddbbb99b2f33a992bbd85b036d56c5

SHA512
808382a3971dc9e074dfd52888eae3235a1c602af0de3d221cbc1774d89363fe83804f7922a1dc3ed3aeaebac2280c9c84247d2f4357af6be1d21c814cbd6f7f

Download Submit
/data/data/com.multibrawl.zap/databases/androidx.work.workdb-wal

Filesize
124KB

MD5
0af1ce8ca6837ab104e11f474a166753

SHA1
0ff5665409255bb15d75b589f3f6a54371aff22d

SHA256
875621cbf64c7fcc4b2fcf695eeb2fd91e5268e863f9f0030c738a16613081b7

SHA512
4c86152012f4488a314f8fc2f1dc6ff2aeea2e013fda4ef9d2884d41c0750e1351d719ecbf6831746b7486cd4897ea1281c51b73664d659eaede15c1cda2c11d

Download Submit
/data/data/com.multibrawl.zap/databases/com.microsoft.appcenter.persistence-journal

Filesize
512B

MD5
5b45bf51a3323dce9235a18744635102

SHA1
614df59f8da06814229c8fd294a6e81dc0eeaa08

SHA256
47f57085cc8a627ef2d880b55f87cf88497094dadc503b3d9095db6d0e8eb9a2

SHA512
7e84feff45209bb701207ad0d81957635eb14a452dbcd13ba1936bdf7f2636f144d33e9d0865698a5c6fe9ca0cded261370bf597d50e3987a72a1a4887eafcef

Download Submit