Overview

overview

7

Static

static

6

9f6f8009e0...97.apk

android-9-x86

7

9f6f8009e0...97.apk

android-13-x64

7

sJoZqcggso.apk

android-9-x86

sJoZqcggso.apk

android-10-x64

sJoZqcggso.apk

android-11-x64

Analysis

  • max time kernel
    140s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    25-03-2024 13:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9f6f8009e0aa7fd7f7c831cf3d09b3ffb310fd4dcc0692c47afbdcb8b7e90297.apk

  • Size

    10.5MB

  • MD5

    3e70c102dace59929fe676eb79c20406

  • SHA1

    8a24def948f8c1df03df596955cab2573d4fa2df

  • SHA256

    9f6f8009e0aa7fd7f7c831cf3d09b3ffb310fd4dcc0692c47afbdcb8b7e90297

  • SHA512

    c8d3e8bcfd90fc146e013c7da6cd2ee13022259ff1553717b88b109a4861c95ce80807f2ab196dfc265c8cf26ca2f919a967fc46d8ff9895635cfc2653dbb680

  • SSDEEP

    196608:aKfoTDr+V6G8ju/nKExFoDE8mrPuUVWibyT3X737pcp3c+L2GGy:aKf6n+6juPKEIDE8gPuqlbyjX73FcpsC

Score
7/10
evasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.mycompany.kvb
    1⤵
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4239
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk --output-vdex-fd=47 --oat-fd=49 --oat-location=/data/user/0/com.mycompany.kvb/cache/oat/x86/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4272

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk
    Filesize

    25KB

    MD5

    b605d45c76d1b02b352c5e16abbe4835

    SHA1

    e0936d628150da2f04fa9e7ea5019dda31cb2820

    SHA256

    75c328022af1b7d4a613af59df5f5dc46311aa6ff7d9fbd4ae7b32ed5428bc31

    SHA512

    5d1c381b78f8d36365179f4ac7744f01d9ea1f529be531d5df29f680230ed42ffcd7b623c57dd1df785665ae759eb0639d2d106b8e40cf74a090aa8732a68b3f

    Download Submit

  • /data/data/com.mycompany.kvb/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    4d4750d63b12b4ee0ae19c6c37ebee8a

    SHA1

    e098c8d0e22597f067dcebfbeb3b6aeb6b102950

    SHA256

    c01e300176dc8c8f8138bd47fcf095f8bfeafe2d96377c2d027346b068ef504b

    SHA512

    8940e266108957ccc8dab5145b66b96c8e2db693dc7cb381c886c0f0f2652917de9c6e15d63abf134bcb7f9aafd267282fe661bff588aa053f9588f819bf04db

    Download Submit

  • /data/user/0/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk
    Filesize

    9KB

    MD5

    91a72e43b56d920e1c765d983e183899

    SHA1

    fb2011a34a4fee09cb3287059e0f74f9730c5777

    SHA256

    ef49ba6cacc5f007143a735cc9f354fa2dc0e16102da05afb6631b94cb378eb4

    SHA512

    ae96112c83e4f3e758ca64b65f4f45394e4c11edba876acf782c49846b3a76f59c84af1a3d4a41f9eabf59bc634b89300a0ca6863f33c5a3bff5118660adb14b

    Download Submit

  • /data/user/0/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk
    Filesize

    9KB

    MD5

    895032666753fa2705307c6c83a95852

    SHA1

    1aa6a8e31416373fc77e08eb8720a6c5962db8ec

    SHA256

    38032744f14115ef0e48d4f8e3fdcf461d3b32356ab7eecb424ad7159611f398

    SHA512

    0af05f1bfd4827cf1f32f2870d68f9af0cedca07b6ab15536865d80dfd30ee90e0eb24aba0f1c3bd5a9790727713dd1f6b5440149e0ee977e0fc2c3d0d5637a0

    Download Submit

  • /storage/emulated/0/Android/data/com.mycompany.kvb/cache/crash.txt
    Filesize

    2KB

    MD5

    850b0a039dd6b3822ffb490fb4e6e786

    SHA1

    767aad07f02bb59f907d9b256f4566f41ea09fff

    SHA256

    76360533bb28abda578a10715fc3c03e24b58d25b7487421113c874b58ec04cd

    SHA512

    060bc3fd7ebcb538ba51cc316dde2941b789e23a72f46521ff61ecf1031b223e8e54132c2365e9564ea0d809c18db76e4faab2da78cd77976d6794607c09cb52

    Download Submit

  • /storage/emulated/0/Android/data/com.mycompany.kvb/cache/crash.txt
    Filesize

    2KB

    MD5

    c2c58109312f8f6b9776fcf9bd8d7774

    SHA1

    63c1c2d630cf251995ba7890aa7fd97b0ddd4a61

    SHA256

    7ac3b6c8136714642843bd748aa797a731e2db03ad86e42b7ccc6e0299d3e438

    SHA512

    7d338521be8af5e47d6635f4de4ee1e95780f714792d89b90b4ee242f880b46f1293e6b2a095a8fc1d8e9fadbcd6a16a446b30ffa3e7b58405cc0f718c41b790

    Download Submit