ca90b2965d1724dde15a69bfd487ec7c11042890819d909cfea858051877f7f1

Analysis

max time kernel
14s
max time network
158s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
25-03-2024 13:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ca90b2965d1724dde15a69bfd487ec7c11042890819d909cfea858051877f7f1.apk
Size

11.2MB
MD5

e04fc758062e42fb0093a77a6ce30919
SHA1

7dac015a66d8c45d762d0fd97ce8a5b39852fb24
SHA256

ca90b2965d1724dde15a69bfd487ec7c11042890819d909cfea858051877f7f1
SHA512

f2f710a1cbef97c772e5c420e0f929a0d3fc248c534fdfeed9d5372506c749bf2fcb1a1d5593cf0e30949b0d947bcc1fa7b093635441c4d1d94e905725457f37
SSDEEP

196608:q+DsCZNMpeRjO3npTsHdkJ6fP6J+dcBZuoSqQO2C3IOUEJUiuDd3V:dsCZNo3pTeU9JOeuofX2ROUF3V

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 8 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.ext.odex --compiler-filter=quicken --class-loader-context=&com.aceedutainmentapps.Max/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.dat.odex --compiler-filter=quicken --class-loader-context=&/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.uni.odex --compiler-filter=quicken --class-loader-context=&/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.stp.odex --compiler-filter=quicken --class-loader-context=&

ioc	pid	process
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar	4347	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.ext.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar	4320	com.aceedutainmentapps.Max
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar	4377	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.dat.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar	4320	com.aceedutainmentapps.Max
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar	4400	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.uni.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar	4320	com.aceedutainmentapps.Max
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar	4426	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.stp.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar	4320	com.aceedutainmentapps.Max

com.aceedutainmentapps.Max
1⤵
- Loads dropped Dex/Jar
PID:4320
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.ext.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4347
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.dat.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4377
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.uni.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4400
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar --output-vdex-fd=51 --oat-fd=52 --oat-location=/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/oat/x86/Max.stp.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4426

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar

Filesize
2KB

MD5
f2375c5199986cb5fa3a29ed90d53b8f

SHA1
545ee8987e3732d3ac54ed446f860bf5b7a78e71

SHA256
9b8e40ba09c81fbc57a869c16cdd71145a8e523b8e39ebc897980dd313ff3acc

SHA512
ecda78c02e58cd1a77ad9912da4012244b3d219f0285145ff2a446fca58729b6b6df9140f051a2c059aa5e1914b5acac586435eb2f888e6d0b12d9977f4f684d

Download Submit
/data/data/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.irs.jar

Filesize
276KB

MD5
10f0f2e3a222b464cae3a7f7cb88683b

SHA1
289736ea9d08a05941e597019ebafe39794fe7aa

SHA256
e59ad1e374220332c0782fb5231eb1edf585dfc825fa6a8ec98b9850f144d8b6

SHA512
b0dd3e3d7089d153ac866b666c9abfaffcf5370f3de82319dffe9899feff2f9ec12a9a53f4f0213e32e411f2b01b2068998417d4396ec996877dc3b3106f2303

Download Submit
/data/data/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar

Filesize
460KB

MD5
07f66394a6d17e9761959e67dadd5fa5

SHA1
5c8d1da75e1c16a6184134563aeff1a36d135918

SHA256
45bda437150c06e93d4ba6f82e88a24ad2ab1c2c5e443f184f7cfe69602b71d1

SHA512
c9559de124ea53c49fea84c7fcc996ac1a92c6d2b046659395ba91ff287fe2b2f142004c425295c6e5da0878a7e6835992900b75a07435340ba08cfa1c196578

Download Submit
/data/data/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar

Filesize
168KB

MD5
a4e00e4d85bf696382f6e61c50cd79ee

SHA1
20faf6ffc99b55bbe741a714cea2e1a00339357e

SHA256
f8ac4ef4b07341a27d2f237c74083fc1353a0ed0b73c5ecbfbfb40b2ed0ae397

SHA512
bd6515c7b726a6dcc1dbdeb5a4d7b87f5f81b4cfda0fe9408110f3984c8f7fd20a2bbd41eb841591b840ebb1139bd273440db4918bc376f6afdbd424509c6d9c

Download Submit
/data/data/com.aceedutainmentapps.Max/databases/Max.db

Filesize
1.3MB

MD5
5b6428578d8c4736d85ba4b0ddc81358

SHA1
1103ffab04afa0179761a206ad8b0c2c725bc789

SHA256
ac0b3f207f61d636a15cc1799a7f108fd3d8910579b92f9a9c2628080c81b797

SHA512
7e09372df1d3b2c420a94994f1972f3cdc11fc9b22451641584cd825186b7135f9b753faffbaee883589cd6bfc3183af1d24c43afee908bb415862afdcdeb3b9

Download Submit
/data/data/com.aceedutainmentapps.Max/databases/a

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.aceedutainmentapps.Max/databases/a-journal

Filesize
512B

MD5
113b46d354d61bcdc7002e54b52ea1fd

SHA1
099ac079330627ddaf7f2c3ec2c9a3a4d4dc70b2

SHA256
af8beb2ce0f547c60fff53347512af2fc8089d4e0d5aabe33b1e38483c136c0b

SHA512
f1621484a58033577038c5774df98fda62ea6691e174c5b08bfe7899095a88ef7b0a18dc5dca5c77d60346a39d9d11cdd0e9696f4e2e93b38ef8023aa91c658f

Download Submit
/data/data/com.aceedutainmentapps.Max/databases/a-wal

Filesize
16KB

MD5
12df9d49557d7189e4c11d93ad3669bf

SHA1
e5b3f5dd58511fa9dfb055d311bbfc4a28b9381e

SHA256
eb8debce74d2b85370b0dbca21cf6fad4effd2a6b063cf7e0c1b7680df424f04

SHA512
2b23d587d0f837ca37e771944680415ecfdec80162faa222b05427cf5cf2fa25a0bed0f94864ce3a620b99818bd2565051db461948f4cb85e969535bcc190dd7

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar

Filesize
6KB

MD5
21a22259fc6e64c711dcf1fe305a87a4

SHA1
cb4447b6ef133fb16329fb5ee2ee45bf6004fafb

SHA256
3fe9ad4ab45f864ceb450756b6daf77abdbaff00dc1e95f955bf7326a187d899

SHA512
b4c0e10cada9bdcf3744dc4646d71ab58567d9234821b4fb152e750db4d189365ce05781b3dffde8fdc6ddbbf740f6c00cae8c9ae221a9d6b823610fc6811102

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.dat.jar

Filesize
6KB

MD5
f73cf3c3206b574e15507afdfd1e7382

SHA1
72bed87254a64a5572878b37b069103aa8374142

SHA256
4709e9b0ad1f3a92c970017c2233d1a46b17f103eaf1ff4c60ed928593b630f2

SHA512
fb65004ba7cbebde12cd2697c048f7c2af215964eebb23035cf0bf3ee8302cd2a8480f2c8b4ac1292b361f475366c4aa3542b9b9ba4b8e1f223398e273ae58db

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar

Filesize
6.3MB

MD5
324e43e94ef6101ae0eff6039749ede4

SHA1
f459c9fd9e8d78c871deedac984e2d00393310e5

SHA256
3ac8cefb3144313b8881919dcfc17872896fcae38ba66c2aae837173a0934add

SHA512
9c380d443a826bbe319e8c14845e8fc9b5145106a9fefa212116d4f34cf0de7736bd45a2e85c7749f091e147efcbd7cca92b127d7c55e5f2ce944d4dab403294

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.ext.jar

Filesize
6.3MB

MD5
bf3bb4066ff99c5e81977bbf253fa0bf

SHA1
5fae33bedfdcad9c637f97c96a69668b207c947a

SHA256
21a2e145a6746292b7e6865618b1d9f7464034bd016552e24a8f3178a875141f

SHA512
eebc3c15ed4c07f493452dbd1d6a5f348b1c9f0599f0bffc1f4d74817b8305a433af21f241dfff90a3fabe4b9f133de30d91b9a310704b39b4ca87efe89c0b74

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar

Filesize
1.1MB

MD5
04296351293b42196f66aecc1afe172e

SHA1
53fa9577e740e587499c8556ae31aa7e18d75b8b

SHA256
9fa88a0783507c316e66336d37fc16ad8e8cf45ba701478c1bbbda52596e87ef

SHA512
d116890fad4112a62da9dceddb02e0be43a29847aa23721f5bd7168329fbd4a3994921ca3c2a0851e233366d37601c43eac977819f892122540aea438c1e2502

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.stp.jar

Filesize
1.1MB

MD5
49b91e17f8168f2d406b5cd32e34c9b4

SHA1
96054ee16e5dccae6de5b42395813fe5cbae0a4a

SHA256
31fdc6c48124540edf532fa66a36652f997ec505662320abc3738a8308c3fe4a

SHA512
d4117115f9e6fdef2ace6724d984f60e7e054f7423195bd2cac22c22101052070c29e1350c9dbe5869b067d64c5e29fe86671757f484ac04db2102e712115193

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar

Filesize
424KB

MD5
5281c31bc937e0486df57682e61c5c86

SHA1
ce34b2893d203c76bf90cb67d5a1d56e957fa315

SHA256
2f6654f61f0ab758f6825a38f078cf4a1bb1cbed1a99819ea18ae96634171401

SHA512
6219e0f2a04232ae6aec1736eefd00f696d1badbbaeb68dbff5254370281b2b82fbaf10c256e982004bca2fa3f4259106bc1fe6562850d420bcf283c1c8c80a9

Download Submit
/data/user/0/com.aceedutainmentapps.Max/app_0iggq3ynbo9rh05nlv7vi/Max.uni.jar

Filesize
424KB

MD5
3f5d5ab5cc80ae55dca1719549dc3627

SHA1
fc1a5e8b43ddd46c4d301127f9c2e07a613809f5

SHA256
adde7822a6f4b22b80e8348fe09d9d716e2f8519b8be926598a53463f43b569f

SHA512
885988fb4fb5b0a0b4c9b5f067c5b36a7fb7b731def6bbd3860832da215f19911b9a064973f74180461bace2bd04a2735142bb770783cb46e1b1d87c728497dc

Download Submit