c907a1ec336853be4dc53fa3d3a73b24d983e098257cbb3d80bd380b6325ca8c

Resubmissions

25-03-2024 13:09

max time kernel
3s
max time network
40s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
25-03-2024 13:09

Target

app.apk
Size

2.0MB
MD5

58dc1fe57bc9132feeeb681a028ef9a9
SHA1

23b5abe4a4c4bad259723e782ded29873ff0a3de
SHA256

c907a1ec336853be4dc53fa3d3a73b24d983e098257cbb3d80bd380b6325ca8c
SHA512

53ecba2fc42623544517f22f414529b9f42364686d03756988243c32f117758575059c757f81c2103e5bcf7716d7b2b828a373fcc9c81f2b40cfa70c4806d445
SSDEEP

49152:9sKkkpeXXPn3v+VpQ2HcjISMgIhkHJYnxgF2WU2VP3tMz:fkkIXvf+VpQ2H7hg1i+pDP3Kz

Score

6^/10

discovery

Acquires the wake lock 1 IoCs

Processes:

com.lyufo.play

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.lyufo.play

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

/data/data/com.lyufo.play/files/PersistedInstallation5745737601667198857tmp

Filesize
90B

MD5
533e9c864c0400c60c7a0bf146939ae7

SHA1
b2354f8608fc74c4dbf89212803bb21e78cb0958

SHA256
f886896f9e5fa3cd6424e58865819de19aafbe35a4533f2b1cfddc6e6f259860

SHA512
0c2c2689baf7ee6a6a3f8aca6aa1cf6e87a43d621587704c8df40b8bbe1187f8ec6c7a8c2be746330e6ab8373a047960f0709d30b3e7430f9bdff31cd2798317

Download Submit