fc0c4740929afb409b354d3a1f8aface311412fc685f656055121d758c8c4c40

Analysis

max time kernel
16s
max time network
147s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
27-03-2024 02:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

thunder-vpn-5-2-5.apk
Size

6.0MB
MD5

20c088b5bbb46bca2ff503a12ca45425
SHA1

a2841360ffdb0ee75d09c09ab5215d8f3158ac95
SHA256

fc0c4740929afb409b354d3a1f8aface311412fc685f656055121d758c8c4c40
SHA512

80b99a103665fa959092a85ece9ba53d878eeb0c26d6114152043f24f19272d24d09d18d1374bdc98486245dc13649de50b2ed8235fd446e571a81eea90e8c47
SSDEEP

98304:CjwJLRaAOTU0zV7AF7sRdYro3A5/O1TJ/U/gWvS0L2HPkrrxDyfraQzzRrf:CjkgdVFmydY7EVBU/gx0qqFx0Frf

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.extensions.jar	4288	com.fast.free.unblock.thunder.vpn
/system_ext/framework/androidx.window.extensions.jar	4288	com.fast.free.unblock.thunder.vpn
/system_ext/framework/androidx.window.sidecar.jar	4288	com.fast.free.unblock.thunder.vpn
/system_ext/framework/androidx.window.sidecar.jar	4288	com.fast.free.unblock.thunder.vpn

com.fast.free.unblock.thunder.vpn
1⤵
- Loads dropped Dex/Jar
PID:4288

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
da4c81d9a032121236a4ed034c0cc9d9

SHA1
6ea1d3d14a34c4dbe056fc4380747d3970cb3498

SHA256
30b7dde5771b5ef3cb6cd033fa2b1618a0674f41f47c1441855f3da24887a0ff

SHA512
e61d8e6af3d48cc6e95e34568209bc24308db9d751dd1451538907df0e7caa67e329c4615911b0c6614275f3e5cfb2a8a38288f5818487c5d292c18dd857849f

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b7d75f4b07658062a40f5645b79de5a1

SHA1
b897dc355dc2cb71f571260e631b1e6381eb8618

SHA256
f34ac959114f0653b29b1bcb8fc807626ebfd59b75562a778fa3bb14df659b2d

SHA512
ae7a35f8f87b8fffef83817595a545d6edbe473be7d1fa2fec96a0e32ad1132045e7ffd94e5ba88f8ee81766e52505578e61200e02f4407ce252eb19a140961b

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6c1aed68c2c8d4b90c44d0c64a6dd648

SHA1
95c0378b3ba4f13fdc419935b3d1cc759857b263

SHA256
3dd658d9931a844dc1f620870734ca74132b13b3ce7ee38102388487bccde748

SHA512
24b1ab0b557f7ebde856377748a48555252ef603e0f3f896a08a804a222d3bd1fdc2a9f2860c56613ebabb029c6f2abf1ff8d2c53710de5f3627078a45e23dd8

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
1ca79fb6487cb734cbaae2a7425a7775

SHA1
15f4336737237224f8d25d7481b3a4e77aab52e3

SHA256
a223de65351af328f06eebffab69136f43e8bcc922ffecef940035223963c63d

SHA512
e53de2af1f9d276ebd799f67b7b0870d27aff2454ab69ba5f69de18c646ea6a16a89f16175ac5ce3186a274bdb0cbd38eff3090752d4744c845c2fe9eaba8eb6

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
97f85dfd6a166c29c0c908590200224c

SHA1
333b42cfc0c0e21d3adad7a536a6973a7debd0be

SHA256
fea1aa30893ec5e0054c84bc9b158fa961de614db96e1dcc9bddcd3f30ece3a6

SHA512
71aaf0adb6060f4a817556f5b84fb34a2fee80cd4b4d839cbb1347e136d371c4e2007d5845b3e91dd294bc073a29d1ab8a2f42f35d8abc48e87644e497ab249c

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
0b455216cd55b4f6a09cf1a6a8c2e2be

SHA1
c86d70b35cadfd85f68d5260b9fe76e7239b255c

SHA256
477deb93a9e873b41b4e2b4e089e1754a82a2bc3fb3e6f96166a26134860fb76

SHA512
11a2728aae56ddaebd6bb7558d3009caf798423543c2669b0763740d0cf6af68bdbfb9846027169b4b27d96cb64d649495b9fe502692673a0571f5acbbe16b8f

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
1cbad90e404b9d5e03e8474d2ae0f354

SHA1
3b59aa686dd07e01ef9d6b7ca6c830b578ae0afb

SHA256
ee670a39a2e1e5375643814fa55684cc3c8e2b37f1031a40c424e7556bf1320f

SHA512
a1d6afbba87d7d60cf1d27e879adc6896dd9b057a278361db3c21ca09da082fe0a9e06fd35fa6654eacaf36f26de286238ab56ec1da296ff97d55caa1a253ade

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
60e528579a82eef2c170fddbc9edf297

SHA1
89a6d24d770ab903faeeea434865084c8bff60b5

SHA256
8083067a94a4a688493ef01dd2d0bf245e5baf171ba5127319ccc80078492a06

SHA512
41cc8504bc4451f5ac238a80d7ff80aae72efa2203e8769a55a0e353211d9ff2549abc720e11efc13c9e9f4e963ab5407e7b505d5fa93e769ba4ad9892d7a17c

Download Submit
/data/data/com.fast.free.unblock.thunder.vpn/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
6b096376c19adb6157e9ce4d8a025404

SHA1
f39cc8f0b30a6852515a4e8e6314b138b0a6daa8

SHA256
c0f5c27fa7cd508175ed9482648b6f04ed9931fdbed14df20992b83bfef38b8a

SHA512
9c3fb809ffd3a7c5241258d2c9d81840742e462377c071b363574723ab3d7f8599a8495c1467ae023000cfba3cc9f26ad962bfdd8463624ac85cb3489cf78f8c

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit