Overview

overview

8

Static

static

1

ee49aebae7...04.apk

android-9-x86

8

Analysis

  • max time kernel
    62s
  • max time network
    82s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    25-03-2024 12:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ee49aebae77cb10f34baf079a2229085f9af01817b8cec2f26785e5783f2bb04.apk

  • Size

    16.2MB

  • MD5

    caf889f1b553b584001eddb4fb9351a6

  • SHA1

    dcc4cd77221527b57a7ef401ed73dd2c53c1571d

  • SHA256

    ee49aebae77cb10f34baf079a2229085f9af01817b8cec2f26785e5783f2bb04

  • SHA512

    5036f1557e1388d354cb91dac5f79cc08d16b786ee9942874be11d95603447950d8ca45182a00500ad63e21a8e106bc6b7db15650de4a53b1ff99fda5bec0592

  • SSDEEP

    393216:A+WltN+zP6dBES/ct/Q9I3/U5IuXKPSMy1d:SLNIP6dGSa/Tc5ZKPSv/

Score
8/10
bankerdiscoveryevasionpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs
    bankerdiscovery
  • Loads dropped Dex/Jar 1 TTPs 9 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.teamgm.radiou1tirolgm
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4315
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.teamgm.radiou1tirolgm/files/audience_network.dex --output-vdex-fd=59 --oat-fd=117 --oat-location=/data/user/0/com.teamgm.radiou1tirolgm/files/oat/x86/audience_network.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4522

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.teamgm.radiou1tirolgm/app_par3cyby9sa0c1wtgldi/radiou1tirolgm.ext.jar
    Filesize

    391KB

    MD5

    95068065a61979c92a47b53d2dcbb4b6

    SHA1

    4619615ed6daa98146c2c52f2ff54d9f57955f83

    SHA256

    66980437848d19ecc82c2a2f6bb67c7b5afdeed37a95a2487eb2779d0acdba2a

    SHA512

    d783091d28de0a668e3ef420aba2d4c893d4fe75b7f1e6c66c36add50de117e2edb60b9b48b62419d703903a2a863c57ca9305deadec1a56849ea36783cbe86c

    Download Submit

  • /data/data/com.teamgm.radiou1tirolgm/databases/radiou1tirolgm.db
    Filesize

    38KB

    MD5

    71e666a6da1b9f3d56507c5531a55322

    SHA1

    cf0486bc01af9a837d4f25bca8c58d7dac8da1b6

    SHA256

    07c86cda75c5899d1c3ad23086a8cbdee702a8a16ef1f766ba22db8dba0b1b39

    SHA512

    70b8011a12640664db51d5e581be3cc49f6a7a44c4774a9ff5aeeb4c3fd6e9f127b430de3c3e5412694eee08bec63042842b6da3c5e4aadeec4acf7cd7ed1666

    Download Submit

  • /data/data/com.teamgm.radiou1tirolgm/files/oat/audience_network.dex.cur.prof
    Filesize

    361B

    MD5

    33c20d41fe2546dd8db4a64044422389

    SHA1

    38b5b64638ebd26dc8db40007f0aaa32f4a11c8f

    SHA256

    7b90b9afd18e57102ac0cb80f8ca76342561307085784c4d774a0a6a658c2252

    SHA512

    ea457ff73a42c22e23fca8ca16616195065f789f812795d3e1bd7b171f2fcae5fed35968ecab7e89d127c58371e8c4a786db9f23d1ef2cf0b5b8383cd1e272f3

    Download Submit

  • /data/user/0/com.teamgm.radiou1tirolgm/files/audience_network.dex
    Filesize

    1.5MB

    MD5

    2cd149f5224107dd4c461fcdf97a7209

    SHA1

    27598da150acbccf1a83140888d8282dae8169e2

    SHA256

    12da0363d06405b51caadca39b65086830f9a07a24835b774d70c0ebb959f3c0

    SHA512

    6871ef96fa9b65c216e16e15ea3a28ced180233ef68c4e33f99e0fe3f284c080ff402f734a3394e7003d97310d09d6eeacb3368ba35ab9a68dfc672efa90152e

    Download Submit

  • /data/user/0/com.teamgm.radiou1tirolgm/files/audience_network.dex
    Filesize

    722KB

    MD5

    43a287cfbb1dedb3288413a538935461

    SHA1

    fe9ed687c5e4c111d222a4f3ab4edb77573a04d4

    SHA256

    7d82c2d8e705807f44aed3069a40e77314bbe14780af58cf7f1f7c453be2d565

    SHA512

    b13cf3ea9c92adc79eab8c1de5604148fb4c7d5638a402c13229b03c55d5e5204ef75002d2ef99309836e48d3b4f66314e527b599cd55ac69ad8a6fae1865356

    Download Submit

  • /data/user/0/com.teamgm.radiou1tirolgm/files/audience_network.dex
    Filesize

    897KB

    MD5

    7a10c0f8d29e4e28c6442a29349b7cd5

    SHA1

    59513fa4e764277f82ffde0e671e3d80fa1e5ccc

    SHA256

    6192d5bc44d4df5d0f633303f2eece5d497a27217abcb1fcbcab5462af61fe6e

    SHA512

    090f4856a5cf81968c4a16c91555bb0e75ad05a3e8eaeafc90416a1449912bd0293493b79eb38d8ba225b51be6c0b869b09349f7d628eda99c3bab98d86b11d3

    Download Submit

  • Anonymous-DexFile@0xc9719000-0xc99bc2b0
    Filesize

    726KB

    MD5

    5adb7fbf3ff6773593e5071eb57a21f0

    SHA1

    6ab3ad517ab10e2e2ffd4c6f60b163bb9a4c3987

    SHA256

    20f22165a66c27a7eecd602333e0c54c92d2f1f0d68fbd2afcc32711f1a8ac50

    SHA512

    ccad8f8bbd2f7667d4a757f131557c21bfd729b8b842f2ea88636057b037a6264c3ac67ee7dee097ae323132faa9e45d44c9383b2e0bebe841122580295abe37

    Download Submit

  • Anonymous-DexFile@0xca202000-0xca31e3b8
    Filesize

    178KB

    MD5

    70eb9002ccc2156cb84494401e07987e

    SHA1

    9ab9eee0b7acd16a5b8b94f6507da8aebad34127

    SHA256

    685785b04e78d75a28996accd35c5e0c35b11c30b71c54e495c6b75884da4bef

    SHA512

    20be79f19fda9a2d9eb2d8709e1f112a1ffabf9433c3386a31f364dc4318c5b8d6d006df302c79dd5a86c19210b03820ce33240cfdb3ec44ee582e0d9803a6ce

    Download Submit

  • Anonymous-DexFile@0xca333000-0xca417d64
    Filesize

    74KB

    MD5

    44213b65e4506ea5b2bb466d1121a06e

    SHA1

    da76eca66a37f7d3e531a49a871aaee9b3c2edf3

    SHA256

    54a4ff3bdd8a9b3825adc9603fe60c7e59d5b2696f697e86b33eef91e0311ca8

    SHA512

    f00884b26f375468fc543ced2a38f785285cad9b90b68ee9f815556563dff4a24f8eb9aad36809a6bdfa884a08f12b067a6ee20ce684690cb44378f0f382f1e6

    Download Submit

  • Anonymous-DexFile@0xca77d000-0xca7e8df4
    Filesize

    64KB

    MD5

    afea39c67c6c37991ab90afd5bad1490

    SHA1

    b8d15a55fb171b5cff416ffd69811f8ba504d73c

    SHA256

    c59a0e253ea7de98bd9cf4c571f5cb7b88c64c6c22e1b638e3fc1aabb600a1fe

    SHA512

    b019a3c29f32958747c1d1321b3468178acb1b3da8f0de305ed768ea6695f9d7d1865c0b3d57ba23993bb95f1e05636cca633aecb89d32d5f74d5fbcbedf0088

    Download Submit

  • Anonymous-DexFile@0xe6b62000-0xe6b637d0
    Filesize

    5KB

    MD5

    665ac65d00f1d27b3e8cc4e8d917b8fc

    SHA1

    8a04a179acd5e213e8f2575156305ae25e409d4a

    SHA256

    20eb13263f0db02ce10a6aef8fbedea37aba6644b47cd172438ca36b79d2ae6f

    SHA512

    ab089c1435ae1546491d9ce603281e0a4c1958042cc17fb35007ce59af3e974b10053771aafb33b007c3d56a542da3027c42a35180795732401dc6fb4c13ebc0

    Download Submit

  • Anonymous-DexFile@0xe6ef2000-0xe6ef3b40
    Filesize

    6KB

    MD5

    067795608a1040c57404155ffc3eaca7

    SHA1

    df45650f6ec29b757fa24f0c50c57a89702c9c6f

    SHA256

    33639933403ea02516910043cd9b2d6365ceaeedb0370ff6901f77fb67a43fde

    SHA512

    7341f713871e5ebe26379726981f76df0c63180434e597e7189f66330f7a9508559ec44eb47538ffba1a6813776adb55f6a72065cc4b5e1972519612d983cf69

    Download Submit