1afb76089174b9912458f6aeb7dcb4c91fd4108d42d5e036fa21300b350db44b

Analysis

max time kernel
4s
max time network
149s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
02-04-2024 10:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

05ff22637856bb0edd57cb710afa0d6f944c977fd1045dbd78ea3fb634fa8fb0.apk
Size

3.7MB
MD5

2692680a7b8c65d4c840de1c8f40788a
SHA1

588313f53c98ed371da721a815387d0b557b628d
SHA256

05ff22637856bb0edd57cb710afa0d6f944c977fd1045dbd78ea3fb634fa8fb0
SHA512

d448d59f15fee5e916f50710aea129ca5d16b63f118a7c2c7f6d58fa105e38d80d729b55c1c1ff82362396cbd42ef487f76bb2cb2031a94d6e0b908f7c39e71f
SSDEEP

98304:SZZTSHh5MkkFXIMt5A5qWfpLCrcy+sK3yAPax8vkt11uI6:SZZTSHMZYSW5XWJOyuu8K1y

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

edward.org

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	edward.org

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

edward.org
1⤵
- Acquires the wake lock
PID:4481

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/edward.org/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
46165d4b91683612948bdc4c091e9c66

SHA1
dcb0db002e222666a018f31cecb610686f1b3456

SHA256
a33b88156f0e17e9ac3d5fbbfca38e61f4c5617fd8269bf0a931ba7fcbc251d8

SHA512
e0eef60ec4d6da76262a69ffb0449beabddc96d8d6a946b1b3f71f90abb843f8a628c5bb956729a597bc234730c55f5fc1cb04b591dda346e09e365e539ed748

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
5c07f39a5637d6d958c54eeaca4d0b57

SHA1
9b7be4b3a9e95b495c7b83cff8074b9f9d4817d6

SHA256
a20be0890416f08ddcd54d70b9551c5796b75987be4a33ad443e9199f439551d

SHA512
65ed13a0b8fb4aef8145d579c94c3a1a1a8c0b6a09999bacfa4a0ec849e90ff467a7bef7128c1830d7cbf19b4841a2e7c02b8f922713fc17aaab7468e09d9dbc

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6080680315a07267f2bc81b65ad3c52b

SHA1
792845bf71d518f96eb76c1c560292073f3e3caf

SHA256
1fc80a0be8af449ede320325ae2fc43fb2d25fa5244227ba6e59bf5b42889755

SHA512
ad711f0577a6b9bfb6fb5bda7e5781d1d84e8ba546f0c3ac0402454ac2e5fa4dc42f749437bb1f85bfd9f92c5bf61cf9a9ae76527b3bd226fc2708d50f91df2d

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
16d20bcee308606c5f73070f0ec73068

SHA1
bab15d2fd760ac36d7788ad96f3f0bced59674b8

SHA256
0dd57c504c42bb39c959cc2f2e542fdd2b6f24864d4591a7a979fea7286c647a

SHA512
d2470888d25d2ccff1dcc05d16758eb4b54bdd68f9457362cdcef053157259f14458f84c06634285bc51202f2b254ee4c7a3bfac1c11c636254f8c234161d3fa

Download Submit
/data/data/edward.org/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4bc91c69510d7d4fa22837473c3a8441

SHA1
55ee80e2e6278beb9e3c1babdfb4f8f7aacb8a69

SHA256
3fefa52e0a0899226267a8f6d5840d9b896b0bb10651c9a7a28e2ba6a14ce73c

SHA512
98ce12b0ba4418ad2452569695279b95c8bc31e7349d2fb5e369f51f82c87b4cdbcdbbf285db78b6f2834a985a9898bb9e89d8d82e84ab531a186198f8d892fc

Download Submit
/data/data/edward.org/files/PersistedInstallation5309993457568720425tmp

Filesize
90B

MD5
4b08cf2d96d43ba0d6f4436c629d1ec9

SHA1
f82273988e10af1df11ac8560810820ced035327

SHA256
42e7964c360dcd36754821b9fdb63732fbaf4df90f8a87b1c235fe0b923228f6

SHA512
99756898ea5e7a9a8ec1abfa0bf847debe1d37fe19e2669d5a44738a85c8b8b296757c7c241d376b75a0e17579a9ef7c722ffc5f432c4e77dadb167bb3a5e4fc

Download Submit
/data/data/edward.org/files/PersistedInstallation7794840736388523688tmp

Filesize
566B

MD5
a8881339a2a83ba6f6921880722e9949

SHA1
60519d6483cb9438d70a9af8b7d86de0b44ec9e8

SHA256
646ae8c2b37291fc1e9bca7ea3a84a51b32e8938f955a6f3da0d06376692eedf

SHA512
763713dc3d589142bc9fddde77229d78460b9e7979b2f0a829735d7ed61803e12d4fe96693ba92bef07db5e85aa4e38c115d071678bc429169dc9b4611ef5ea6

Download Submit