9f6f8009e0aa7fd7f7c831cf3d09b3ffb310fd4dcc0692c47afbdcb8b7e90297

Analysis

max time kernel
146s
max time network
158s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
25/03/2024, 13:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9f6f8009e0aa7fd7f7c831cf3d09b3ffb310fd4dcc0692c47afbdcb8b7e90297.apk
Size

10.5MB
MD5

3e70c102dace59929fe676eb79c20406
SHA1

8a24def948f8c1df03df596955cab2573d4fa2df
SHA256

9f6f8009e0aa7fd7f7c831cf3d09b3ffb310fd4dcc0692c47afbdcb8b7e90297
SHA512

c8d3e8bcfd90fc146e013c7da6cd2ee13022259ff1553717b88b109a4861c95ce80807f2ab196dfc265c8cf26ca2f919a967fc46d8ff9895635cfc2653dbb680
SSDEEP

196608:aKfoTDr+V6G8ju/nKExFoDE8mrPuUVWibyT3X737pcp3c+L2GGy:aKf6n+6juPKEIDE8gPuqlbyjX73FcpsC

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk	4253	com.mycompany.kvb

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mycompany.kvb

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.mycompany.kvb

com.mycompany.kvb
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4253

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk

Filesize
25KB

MD5
b605d45c76d1b02b352c5e16abbe4835

SHA1
e0936d628150da2f04fa9e7ea5019dda31cb2820

SHA256
75c328022af1b7d4a613af59df5f5dc46311aa6ff7d9fbd4ae7b32ed5428bc31

SHA512
5d1c381b78f8d36365179f4ac7744f01d9ea1f529be531d5df29f680230ed42ffcd7b623c57dd1df785665ae759eb0639d2d106b8e40cf74a090aa8732a68b3f

Download Submit
/data/data/com.mycompany.kvb/cache/oat/x86_64/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.vdex

Filesize
268B

MD5
08400ac760d9c6c51daa9769f4f47417

SHA1
d7202ed0d5caaa4e0b96bcea62a6892ece84e334

SHA256
0d3b41daa00d3b8c25ae6e9e5047d53842e263aa5612ae92711b35a07ee687bb

SHA512
3244703aee361f9a79f3310dadcef8b7762c9e85947189cdd359a06998b794558a6124767133083296b178497b915379efcf085c342114e0df1ae230020864c2

Download Submit
/data/data/com.mycompany.kvb/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
61df75ec00931f39f376024e6b2f32b7

SHA1
0d0cae176cf357044ac8ffedff96386bd406fbe1

SHA256
5dcb8f6320d9996ab1de220050f415d488f6a8da2696af0f72453a383841217b

SHA512
4c23240731ed5edc2e69a331122943b64400e4d1e1a988f1237cf9fc6b9870faff7039a9537a76f5574622922630ed59083b4e98ff9b156006552d952a50c024

Download Submit
/data/user/0/com.mycompany.kvb/cache/a5bcaae3458bbb33c03653d2e038eecb345184e077adb334b74a98c0a0aaa7201139d6cdf777089exz.apk

Filesize
9KB

MD5
895032666753fa2705307c6c83a95852

SHA1
1aa6a8e31416373fc77e08eb8720a6c5962db8ec

SHA256
38032744f14115ef0e48d4f8e3fdcf461d3b32356ab7eecb424ad7159611f398

SHA512
0af05f1bfd4827cf1f32f2870d68f9af0cedca07b6ab15536865d80dfd30ee90e0eb24aba0f1c3bd5a9790727713dd1f6b5440149e0ee977e0fc2c3d0d5637a0

Download Submit
/storage/emulated/0/Android/data/com.mycompany.kvb/cache/crash.txt

Filesize
4KB

MD5
56d76176475647acc2f5bb53c53d59e2

SHA1
152e462668e9c470257d2564bd0a463a6d1f0afe

SHA256
d52a6dff990f77a7b67ad3d0e61a07ea00a9a0eec448ad708d4b6f3d530083a0

SHA512
abb5cf1ce3d616c1f753c8507820a5057a5550fdff4679a5f98808f320fc7258ac656eca71674daf4e92215a130930ac02809ee3be8c46cb52aedab9c450cdaf

Download Submit
/storage/emulated/0/Android/data/com.mycompany.kvb/cache/crash.txt (deleted)

Filesize
5KB

MD5
7d842e01d9020b1b81ce2554e70c9b92

SHA1
3f29e1e94334104289b8d6af16dd37b519ab7759

SHA256
57c94c3d34c938b0a59b3548534a99afd691a35187218968c952c26668e2397f

SHA512
6914145568bdb991048a9b25ad1e210a02b557b12f1465a74a617edac7ed029e4e81377b2a80adfc7d0e86a5b59b522a30a98e64f2c4a5c45b27223b97a631fa

Download Submit