545e1638a22602271762ce27fac8d4493b2b80b5b5de5abe256cb2934864c782

Analysis

max time kernel
47s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
27-03-2024 09:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2242164a5dacbf84465af4b36743c4874eac7688a6ebcc44cdc93940ce1d4622.apk
Size

12.9MB
MD5

ecfb0e004eaa80c80e0361785ce2d2f4
SHA1

e078e9d6d27a2c5077e5c9d151df1bcb6a1b0320
SHA256

2242164a5dacbf84465af4b36743c4874eac7688a6ebcc44cdc93940ce1d4622
SHA512

0f5b2a2ae8a510930607a536ab5a57fd76d05c647ffbe43396f3d95fe68408a0ef6ccc4838ef4b5f9b4d2ad6545e6bd9b82fcf476d429b86d9dea5ca1766c1a6
SSDEEP

393216:uLDcQFEEfSc5avdRapbX5/E4VxSxGYoga:uUQGFep1/EAxJga

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

com.s1creative.vpn

ioc	pid	Process
/data/user/0/com.s1creative.vpn/[email protected]	4439	com.s1creative.vpn

Acquires the wake lock 1 IoCs

Processes:

com.s1creative.vpn

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.s1creative.vpn

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.s1creative.vpn

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.s1creative.vpn

com.s1creative.vpn
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4439

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.s1creative.vpn/cache/rndseq

Filesize
48B

MD5
d326fbe9b0145ccf5efbccbfc4aee720

SHA1
c820e3eac820d758c38dc3fbc82fd3cf251e581a

SHA256
302aa54589e24b5bda5c283ce900311e22a1b9f62a2ce9724afed482c879bbc4

SHA512
2c1a9c3828fa087f2ca0fc15eb622dcbae5734ed35ad4b496486b7b5fe4dee33e30f5f9623f3994506a7da9edd57d83475507d978754a31cb1eafaf38c132006

Download Submit
/data/data/com.s1creative.vpn/databases/InternalEvent

Filesize
16KB

MD5
1d62b92892393129a9a3dacfae3a2ef6

SHA1
5a42ea411c8dbd6d7c3f4ac36bc49919c5ff89de

SHA256
a9ca5cde23ccea4a436aeb8edd1e256f2bb3e384d025eff3681e136f5f530ca0

SHA512
155bed56e31a3c15215158417b3bab67c9d68e1c5789fa920b59936f94186a2ea8561e8d6fe00c79b4eb4bed8e93ab60042e0d605e69464d0671c0c69c2b155a

Download Submit
/data/data/com.s1creative.vpn/databases/InternalEvent-journal

Filesize
512B

MD5
872ac72a14e461834f7b67aa2105064f

SHA1
935bd3e6ca11dae6e9d077728c3009f60cebf0dc

SHA256
d9caaec44e09f9824432d8e802a3e4a8ad937a3ed9d109263c58b48d951f8f39

SHA512
0fb34cb66041d5b8c47869b6aa7980d8419b5f2313251345ca175bad354de4ad3a4bdc5904598c96fc0199660ab86fc0f8ba7026d1dd624c51572107df414c2c

Download Submit
/data/data/com.s1creative.vpn/databases/InternalEvent-journal

Filesize
8KB

MD5
8efdf69eea3f7931d33d5970155b3e20

SHA1
bac4fcfab5e74e02a0bcf6d2c7e1acbe0a8f5bac

SHA256
4d2318eb5e985d77890b96f0ba1c90f8b90fa236df7ef68e5f442c4c52757565

SHA512
3799aed065cb0bafd7738f43380a5880acb0efe6272e0588ed24341731bda47afd4ee4b9ea46234e8b7891c0eb3d9bdeea3dbe7d41c739e0f8a119a64202f560

Download Submit
/data/data/com.s1creative.vpn/databases/InternalEvent-journal

Filesize
8KB

MD5
ab69661d4619d0e146489521088420a8

SHA1
c93d734c4803cbdb9826ab21fce2f63c970ccc90

SHA256
3b02c28a1272ec5f9aa77cb80a326e7815ca9c6e64f6181bf589609c50d3fa73

SHA512
1997f8609fd2935e4bf12ef04a54293850e03c9ded9e1f3d522a05ac09fa3d3339609ac9631ed6bf26877af00f452792f589076c745ecc6bad66e03ee2b3559d

Download Submit
/data/data/com.s1creative.vpn/databases/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.s1creative.vpn/databases/androidx.work.workdb-journal

Filesize
512B

MD5
64e264dd2cb6cc0c8c595383b0186d30

SHA1
76925599025794fa2d40d54eecc30f60485b5c35

SHA256
f1a1b71ab8e637e582ea6b02daa098af1190cb02717ad6ffb9f6b616cfe289dc

SHA512
c88b6b5626d4074142dee948460a336c265f56666bf16e97c274a88602de40b76521e49d47b657337714b4ed53b29f1c3d5189033d3a993da35276be9a17443d

Download Submit
/data/data/com.s1creative.vpn/databases/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.s1creative.vpn/databases/androidx.work.workdb-wal

Filesize
88KB

MD5
88641e48f08608c694d083bf29614f85

SHA1
86c326ac1c099b64132fe99d12804eeb0d40c746

SHA256
c2bce2dff94cb6dc95104214b1fa547164f447560cf84f791c71ab99e1d93392

SHA512
bedeaf14e86ab51900997d07cc379103586043406c23ff8ff6e629553017af1b026fd426c4881e53c552cda19e2b91d88782557348122e5f5063d459b1f02da0

Download Submit
/data/data/com.s1creative.vpn/databases/androidx.work.workdb-wal

Filesize
16KB

MD5
fd563ecc133412f526844e62eeb070f5

SHA1
50ba9f0ab2836b0a83a487e3a92b66ed829d1a1e

SHA256
df0ff75d76bc564cf9f171f8e4c92e9f2c6763d3e36f804fd356861a5c2b9072

SHA512
1e1c06faf731efe5ae458da75b61e9e0b5f0057764afdc154b5d4f8cb0dc194aad79040f429751781936da69fff87c89f3d918fc0f64494c36ada95be7ad12d1

Download Submit
/data/data/com.s1creative.vpn/databases/com.google.android.datatransport.events

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/data/com.s1creative.vpn/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
78bc7ba2252d5076dc2e3a27aa0035e6

SHA1
9f5ae08301f3c3a6c9e7a67e208ca77db918c717

SHA256
99845da6c91da8d031611ea44bed8bc4662c851531f081d170ad1b7cd42172a7

SHA512
8466f94d77285c1761b709ebf0b69be5189432a1a52b241bbf366e30d17b5cd4ab12266956504a7c70067763b9cb1adc203d1f1875367d1fea1ad946ab768ff3

Download Submit
/data/data/com.s1creative.vpn/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
44b9fbe4d9b1c1beb9f6412d01569064

SHA1
d32d35e9436dfc1ee09f4287b3e66dabca06cb78

SHA256
3129cd9d763b8af8379f83c6df9aa6d95a0e16e705e73016da4c4fe99abbbf5c

SHA512
51d9f390e6115b0bef1d4bd4d297c92235ede337db55c28563d966905ca948b0d9933e78ce530b8a423c166904bfa6b67628aadc0aa0d47f27c87ba49534186e

Download Submit
/data/data/com.s1creative.vpn/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
406941cdabf3dd7900478802fe3eb900

SHA1
11839000b6f60d1cdb58769aa687e3ba46e5bd53

SHA256
f36cf2b7ba5c3f93116ce18182242f67e53470c0c1570921167dc2ed9f35c936

SHA512
dde8f963954eca7197db9e5a4692cbfb1406be17a40ee9510914574b8426f438c8e00f964aee7e7c2bfdc4aca158a9d28cd234d107c021ce66b70102c5571e4a

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
73dde037d43818d6392e51665bee0446

SHA1
79d2b7aaad055aaa21aa371d61b05684c2164073

SHA256
d8aa44c8b932aa136e23d352f22689c2173c343125e0e7588bb111fb635b30be

SHA512
95c88a7ca75a3f60fc3715bcac6a0a0f67bcf8a3a9fde5482f15e8da321521faf184548fc7a31df3f6019c48214b97a683b9fd7d0d2b1bd5595e50fb5d80f4fe

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4986bc7e2364cc5c98ed669a3ccdddf8

SHA1
94d74a679e621f4f521d655060a2849c25511d4b

SHA256
ac332baebfe687502e441128fc36d44c24b1bf9a8ce25b7547f80c96af877fc6

SHA512
3f926d736029bb51e1c8116bedd2dcc8afb3eb29edc5a3d501a79e51015c454a7ea9c6a94acc662e23920f4d75e71471c70778fd5ddbea4c45dc0bb45d8e645b

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
77573ea3aa5e7c4b27b0139a0aac6161

SHA1
280324fe6859481cbfd03ea9d209a3fb69f4c1a4

SHA256
d50951052dd15c697e22e3168ea7d2156bf6bc52ff0fd8aee65df93ea877e425

SHA512
ff1b5e8e4571ceb302402540f35393496d7373293131cf2cf4ebacbcf2f680b3b85e6df4782a1dc51b2cf672e8885b5d41ece2d3edf206ea092181982e7cb22d

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
748a6361304d696ba29ffbccb08a8654

SHA1
72d6d6b8a71bc8578862ebc037f14fbde581d942

SHA256
57f675e7a58984a026d9164495765c88835471a214a350f7779348463c5d1cd6

SHA512
c5e1ca26515ad3cd696bd32d7646f0dfd5e60edbcfe1ad93179150c05ea3ee00502aa7a749eb82bad581b67efc2182a37d0a5ac3a1760e16fe43355c5a85b649

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b13b1b8419b03e8e4d1cdb12756badbf

SHA1
4707ae9e7fbbacbb25a33955f70af96ddf7ff22f

SHA256
05ae8ccf9da5e92fcd804e7743318fdfa61e46398f42d7fa474e4839d4f3f8d6

SHA512
92c6e50b496c6f0f187f067f5f6473b132e0b0a374810d07e8b24b1c757ba9a4f531412c1675e5ca20aa3ab0c0f82923bdfb1e3e5be8404d034214e7fd57fd9b

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db

Filesize
16KB

MD5
818548be1885386cc995f564f36a8e8e

SHA1
008b0c602ed55b1122dadfb3a20db517d55c10b3

SHA256
b4765a86f69c122307448d0c6e81cebd52ffbc59b0d19da42971e2857f773e6d

SHA512
47840561a1eded73600b656576a7a9195bd1beddb79b08090b9e6bd9ab610de6cfb0a334310bfefe0b33ef157d420aaa17c6315fa2e689398da3328c4460a02f

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
579cc8a0253b82f8bdd7ae275cd8e2c6

SHA1
f3b6df41382bff47982881785fa888f78e567026

SHA256
f144d4d41afbfc8b07b490108ca76a5da336e820145543150f1b97849183d274

SHA512
338d206c0d1f1111d94b1f1b0398e16bb70fe289f5b6ef07c54a352f235f00f6c48acd3d586ce742d714c492fdc302609fba809c056fea80de7ccf74db4a49fb

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a22be32dd9cf3a21b0443de4a61632c3

SHA1
09cf503325e8eacb1eaff04a9c3336d6524452e9

SHA256
74122609cd20b7377a5d0cdc95024f5df4c3212247a7e5be60b042e6d1433150

SHA512
976123dde323f2c9cf4abae0d8e738232413ca9239bfe524460d5de8d5f97ddb8cc1cc8e59adc47cbf98a7c741fac38b4711243a1404366d156ea1668c14b6ac

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
f6b10e6f8a19e2738b4797403519d5ee

SHA1
3a8e795480c7a2fb4ca246df65fb36c3303b98d6

SHA256
b4fdb2225933cd92498e165f96739b0f5fbf78b73d80cc132965d000caa41f55

SHA512
8637573528e1bee1550fd84085d6062f88f736aa8622d88ce558d45bd2d5755f655f4f8cb597f87c0875000c011670c3496c77ee4d70c54046a7e3bb7d3cff55

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
baf4b5663f044dd2f8c8a699fa2aed16

SHA1
49f2cfd11b16164eee051a27f9b40680404e5657

SHA256
c0a19ba4a4a8ef92c90cbef5de9ea0d251ce710cba64e67e2f1b97ec19b1b86b

SHA512
45f543255b2b3da90c63e3729b27d0870678243dc8210c11750046e97991e1d5cacdd64d7bf18b81e28b917b7ec27a4783d4be46bb589b405ef84fb1aa1209c4

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7edcc683cbc851ac992ad036b258c879

SHA1
c1fb518b9170a31b40ace89349475649966b6c12

SHA256
ba97853329617a02cf0917085fda37cfba7249c24f670ac5dec77f1dbbe4969e

SHA512
893d1817c5041d62fcd6b88d1b9d6355dd36e765c9332154a34928ee9d42fac2408d0e5544673aa73961a1974ac5c89cbbd31ab2539ff5fc699bc5649b8dd3a1

Download Submit
/data/data/com.s1creative.vpn/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d3061b09e098fe6164666cad2c25969c

SHA1
f2a2ebdf15f2a1e100bdcd29ec6cbb92e7113186

SHA256
b34b23e88620d625799230b5e72c135c7d1a2a7435f01c422b58ef4d96cf23dd

SHA512
4358e2b17b581052a80d5c4b59c60521cee2f12c6744649a3ef9acf63d90bfb807d59038a4e39411a09b6935f99036bbf0eb7872cf04a3fea47efc99e6ffeb32

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db

Filesize
20KB

MD5
03821ba1bda98fcd495ec950487595a3

SHA1
1fe8dc313803c6a540e0018d0b46113cea4b5d30

SHA256
cb98090784b0644f0bf4a55db011bfdb01b25e5374c9df929a4c0b4e4b40f959

SHA512
9c2821dd1ef14f3d5e1d4d758727d8962d4f0523a057278557836a2c6949d31ddcfc043cd7dfd6062463668b14678aa0c8f4cfe2fa12b32648f85ea5cd2e5477

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
512B

MD5
93c2ac005817a00a6f49ae338ae5af10

SHA1
f98759498d107cf5a544b5c60fb92807412e2db4

SHA256
ef094c28d758f678242fcde14d8030d4714654c26da31399b4de4672b6e49004

SHA512
0ff6b3382e97f00e181614abcc1a06aaa7610a7164319810da6d31644907a86f4c9ae2ca3196ee70910d094d581b979e949ddc6ba8020db74e66a8d6e47bb2ba

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
8KB

MD5
116d27716cbf8b915b69b80697d10a96

SHA1
72d781cada1ce20fe2ed4aed479ce315d0d56679

SHA256
18be0afd7beb9ce8869c7f948eb962e5672cd777acbfab400d871cf05d2d2f57

SHA512
cfb281cb68aba548b06790663d924a4f97b3c40c82182a5844489fd12d8b4bdbd27fb87b586e8d6e544140ef476a71b84014a0c50ca1787e3dd4bd218e14dafc

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
8KB

MD5
6a3478dba406e8df2ccf9ea86c43590f

SHA1
fa3d927fa80840c6ce6da51b24a48df75bcc336d

SHA256
dc0990920b3a64499dba5f3d1e9cb69fd7a07b8001e40143be300eb1367eb248

SHA512
1ba2624090a189b8caa78a99be98a6bb105f085e8507a5eb3c32d37c0662d8ee2768028493225e5538695c638f5c2e608521db7ee5ade319d9c885aebc773804

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
12KB

MD5
c218b4c7a5ee652b78a275f08d88db7e

SHA1
f93e3548c7f761e6c2c2bd2f69f2d446c02f657a

SHA256
7c13d09d351c26bfa5bb5d87cb912086b5a197d961c732093da1c3d537de28ab

SHA512
47a179d83aca0f341a723f18b38dfb00f37e450c35bcfd4bb498a08232bd2ac78a1233ae42ac96507577aa33124b414fb5815c6fae9c63b4f39e62c67cf8215b

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
12KB

MD5
09452ee4fd8b4f9bf4d3614befcd9dc2

SHA1
94eb1e16b8e0cfd2b0f6adf71953650ecd8c3da3

SHA256
afdba62640e2cfb2fecc675eec2f6fee0b9adef2516f8df92aa0cd63e5be1667

SHA512
539a1cc70fbe926667245d8e9b81fd4f0e18e67e418085ac9c4591b38a1feb1b1cec9b03d5fc71a2a349b543d5e873d5790e58a642a30bb9313f95cfcf843ddf

Download Submit
/data/data/com.s1creative.vpn/databases/key_value_store.db-journal

Filesize
12KB

MD5
398108c3c3ba66b13531080038c385df

SHA1
45eebdd4b2aa747e1f023d539b9bfa1b91756c61

SHA256
4716ca117bcb55e3a83fe6a913a19602e77d224951e6b1c0b602f558d83858e2

SHA512
8fcb9ecab8b70e51bd9929e87632f53736f3ab40c638c80d41ef99562449c6700be4d39b691bfdc381538c2358bc2c73afdeade83c8f48bc082e1e2a1db37d63

Download Submit
/data/data/com.s1creative.vpn/files/PersistedInstallation2741146149625375171tmp

Filesize
567B

MD5
451b4ec187d4aef1ebee3457981e3afa

SHA1
e947cc2a77746bad7c05162de6dcb80fe1f80cc3

SHA256
933f651203eec5308c6afe257e7089f1dc465da5a633ab16de00952176d0a684

SHA512
fd9ec0894c23d9a252ebdd294959b6ad4eee5b5058a3bcf33b14e556e943268dc7c6a4eb4d770edeaf3b3fca1ebdf75f37ec9600d708f94a42885123ef84eaef

Download Submit
/data/data/com.s1creative.vpn/files/PersistedInstallation3075605446448137898tmp

Filesize
90B

MD5
3ea63bd0366510fc3ed561a58225aa90

SHA1
dccf0d79682f9ffb10aa02bf98c9c385decbfc80

SHA256
c6a85e25e0de0f9c73c0b42b8a72d41b8f0fe491b627a28066c5f7f49a6ae8c8

SHA512
e4d2ed5809c72cbe8d60de8b0bfee4e34d55eb2dc7988d6ea47785ea5e153565db1254fe5903ec261f58c63be79d8bd0cae2e36582f9d2c8d8afd08a5ec853fe

Download Submit
/data/data/com.s1creative.vpn/oat/x86_64/[email protected]

Filesize
571B

MD5
87874b5d28aae120a5bdc58a42101a7e

SHA1
80a5d498e14b18e78b217f4e5e04dc6e0f70370b

SHA256
896548af1487a80f064c32c8dd02db4087c2a8cea1039a4e619999e10ed41536

SHA512
512de33261a094b57606c47732f4698d818e61811053ab5111261dc317a03ffaadda25de18040782f31e9adc8e01a63bbd1d7c8074f3bcd3400bc74c3eab61d4

Download Submit
/data/user/0/com.s1creative.vpn/[email protected]

Filesize
3.2MB

MD5
69cf159b893eefff9a8106cc3ee37e03

SHA1
165207adfe8c6047ce9f3dd38aed50796c1660d1

SHA256
26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf

SHA512
379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

Download Submit