Overview

overview

10

Static

static

6

36851d1da9...5e.apk

android-9-x86

10

36851d1da9...5e.apk

android-10-x64

10

36851d1da9...5e.apk

android-11-x64

10

Analysis

  • max time kernel
    96s
  • max time network
    106s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    27-03-2024 11:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36851d1da9b2f35da92d70d4c88ea1675f1059d68fafd3abb1099e075512b45e.apk

  • Size

    12.3MB

  • MD5

    8073ed7dc906d83db7f1cfebddff8e31

  • SHA1

    e0b09cc0f0e210de84937ada7e5d19dce5132c89

  • SHA256

    36851d1da9b2f35da92d70d4c88ea1675f1059d68fafd3abb1099e075512b45e

  • SHA512

    97d0072d1352d2f7cd919b89d32c53f8bdd1e1da53aa33c09b87337dfbf9d666f7e3e75825b4ab17229655bd382649d52c2d92ad8355391519e776a101f0460b

  • SSDEEP

    196608:bGs1F11OSoKaRCBlWvGUcct7ww66toQYnUzHECotipEXrmCx+wJAEplXpKHm6:bvoKaYgptcwPoQYgHutipUmCswJTXEN

Score
10/10
gravityratbackdoorcollectionevasionpersistence

Malware Config

Signatures

  • GravityRAT

    GravityRAT family.

    backdoorgravityrat
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Reads the contacts stored on the device. 1 TTPs 1 IoCs
    collection
  • Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
    collection
  • Reads the content of the call log. 1 TTPs 1 IoCs
    collection

Processes

  • com.example.livedrive
    1⤵
    • Makes use of the framework's foreground persistence service
    • Reads the contacts stored on the device.
    • Reads the content of SMS inbox messages.
    • Reads the content of the call log.
    PID:4684

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/ecd/obb.log
    Filesize

    100B

    MD5

    56c47db5132627bd5933f24097b193aa

    SHA1

    bd210d37994d8098395fa3f2a957bcca853da01b

    SHA256

    268dc269f0736e9c9e95193ac0ad5d1f3289e8a4924666c09591f77ed819b676

    SHA512

    986145566b0ea380e8b6154aee94a5ddc61eb0654a7fe861f91179ebb1a32c839a931bfc4d77baaaad38ccb4b63c5bf86c9e3a60e2e1fc7af572bdeb90e26bd2

    Download Submit

  • /storage/emulated/0/Android/ecd/obb.log
    Filesize

    40B

    MD5

    10bf34364f895720c7cd71dfacb5f2af

    SHA1

    5d9849abc78462c73994be9d79444ce1461b4e1c

    SHA256

    075cb7764f1889ef06dd0f8b4872ef5f23df2de4043885b0868291ce5d91d563

    SHA512

    667f514723a4a02e70eb0520faadf0de1e75bd31cf9df8e2b0d33048f35b76e4dbf667fd92dc33096058d404ea6fa53d3d685350014817bda6b527106b7e271c

    Download Submit

  • /storage/emulated/0/Android/ecd/oww.log
    Filesize

    30B

    MD5

    62a4c53e8acca72359a04266b0ca8c78

    SHA1

    97ffb3e9c5b93375efec26a03b531a69a86b0c7f

    SHA256

    3bb7c6aa2780581102137a2d01a49308b6ca54acd1870ffe38ef8e20b121abb8

    SHA512

    cc7bab90b61e3d237d898f3fe7ddccd3f5f264bc3fec7484cf29fc9bec8f5ac9e4b9cbb9d519bba1104ae801caeec726e9cceb56c35a02af7d4d90905e1ad09e

    Download Submit

  • /storage/emulated/0/Android/ecd/oww.log
    Filesize

    30B

    MD5

    96bf84eb7a88563222fb9df75d2bb755

    SHA1

    d63d24b03b4287ab973c0258eb62f4db3e9c8317

    SHA256

    7e883cd37a10eaf3ae7d4cfa24a5f3d98b5fb6c2c1b3b43891ee364715565111

    SHA512

    c5a8f5ae9488d2938c5dea341d7cda2b2a337df429f0bec4d0adaad9840f64631967cd3b7f6b2a0b1ccc62f2bb177b3cd84294654f63bd284b8f1e31ae288603

    Download Submit

  • /storage/emulated/0/cd/cl.log
    Filesize

    11B

    MD5

    75263edc3b6b0bcf75fe8279dbaeb0b6

    SHA1

    fb2ff1c017b508a31232c9f1a2386847fd8bc3c0

    SHA256

    834f2ccf11ed2197b219f6f8ba0695c87319101765c3ab54bcb091a9b96ae882

    SHA512

    ea6b7b7a9ace6309aee9638893f3b6b1f8bc7c20a35b25edb7ba53b7224833a706e0ca9f9fa98f0c3e9478f7545b37bcad50c689ea2313e14e1952b184816d2a

    Download Submit

  • /storage/emulated/0/cd/cs.log
    Filesize

    27B

    MD5

    3f7b6c8ead54cf249b1927f62414b425

    SHA1

    842035958746cf5a98d67239f57759a8c9a453d4

    SHA256

    3c987ac9c4c0f1ed4c3f184e59520ff82ddb0e5feedb974e12c2bf591b573a5e

    SHA512

    759d437ba941c5f29be049774accba058cd367eb0bc89bb1546e0f25ce015c808200810048f77e2c826fe05f7be780133edebd54991e7f3bfc3bf58c2afbb856

    Download Submit

  • /storage/emulated/0/cd/ms.log
    Filesize

    38B

    MD5

    620528ff54d809cc56cfa1b8b7461c0d

    SHA1

    4bbbe3c35c4f1f9cf5f7dfeef33765f3e022af00

    SHA256

    b60f4360ead8b1525b8463664d7388fcaca7adddd8d5efeea70cc059fcb8f4dd

    SHA512

    f5f9a9fa492e7caf32a1d12ebaf14718e1e85d36db514f6b3db945f8e2250048916582f5780d4572593b3f45541555c064757fdf09c4bb766b9da96c87e96387

    Download Submit