e2cab5ffecac080d8a85ac9448efad21d03c8298f0d32e74aa1643578ffaf1d4

Analysis

max time kernel
47s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
08/04/2024, 11:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Blitz-Premium-v3.9.92_build_72-Mod.apk
Size

6.2MB
MD5

d32956457233322b59e3c7abd202d862
SHA1

9210cfb78eef2c1f9b6ff98aeb859bf4e4f31652
SHA256

e2cab5ffecac080d8a85ac9448efad21d03c8298f0d32e74aa1643578ffaf1d4
SHA512

575e5b7b099ef2715f53f5c03da40832c0c675c2f7e301ca73c73db90db738d6d2f1a057c7a46e36b188b59df79ebdd23cac9824b31fba7d0eee0622482b1f44
SSDEEP

196608:kspKbVEXlYedtdVo+tx80shLTjr5JCrTTZX:ksUAlYezdBtm0y37CXTR

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.qwertywayapps.tasks

Checks the presence of a debugger
evasion

com.qwertywayapps.tasks
1⤵
- Checks memory information
PID:4231

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.qwertywayapps.tasks/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.qwertywayapps.tasks/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
f553dd3774942817fe9fff07a6894189

SHA1
c7ddf42212abab19b80198153d3c4473fc7e1262

SHA256
29843350a7084dac38d841f8b57d5dbe7a2207e5ecbd2c448fb46cba5006a872

SHA512
4bee30f8ff6845d684301f4686d1a947d15e2c9d0feb6af2fc847599c02b769e6fdaef85d1bf4e0af1ef0e043848fbdf692c637494c09f3fd5ea6b40626b6a5f

Download Submit
/data/data/com.qwertywayapps.tasks/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.qwertywayapps.tasks/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
304f2ecf514aee0fddd6553fb37fe4bb

SHA1
437f90593d116347882169f7ae12a366eb1bf2ae

SHA256
d3bf6e13a0a4bd7f620aee3e54ed458f7022e3ec5feeb8d182a8bf395c851a72

SHA512
529d355213ceff139c3f9de856135ffb26550f19d44818c3929cd19e8f4ac6ed9926aedb0533e8a55d4e237db5484c4387ccfc2bf49ffb31779e4a4b5aba8243

Download Submit
/data/data/com.qwertywayapps.tasks/databases/tasks.db-journal

Filesize
512B

MD5
94408c824d3fbbc2d13cb80b218f05a5

SHA1
eb26df23e14ea7c4604cff759036ae5b8a6c26be

SHA256
1259f0e2d3f94992a7264e4b35c5fe031eabe0d8dc364e02bb3273ef79ec6fdd

SHA512
9bad11f77c15673225017958e1a69136e2846bc76b1d36023fc37af8648de15989939602a1b86c6c1a29f2b919139268efa34cc4233938cf560aaf028c17aede

Download Submit
/data/data/com.qwertywayapps.tasks/databases/tasks.db-wal

Filesize
16KB

MD5
954921e78033fff3adf38c08ff375856

SHA1
84e0e672c9f9b122d565a258a67c7d8022058c6f

SHA256
bab86a0db09b178b77e987ea87f5bb6a9de7fdab4d1379cccfecdc6ef7957d15

SHA512
924cd957a41d8d13c9f3f5b45f6a90c5e7511edbcbd44b03387fe535e11632c08b692b3feca6e422257267382483ddd5e362adee57c08bb1467558d9723f6df9

Download Submit
/data/data/com.qwertywayapps.tasks/databases/tasks.db-wal

Filesize
140KB

MD5
5d502e12e8853cd05d5d63afbeaac083

SHA1
2f55e0f4e93525b829bce93adbd150cdc642e6d5

SHA256
ef42afb61e569621fea3eaa6ecd7897b9bafdf98024fed00d09e09a08ad39b6d

SHA512
5901493edd0c7d64c483027b5b58d5a98350bd656455650d0dc4b53ec6134afd0b5dcdcc23d9eee70dc5ca8d1640df730d798c601212f5e0715572f9963d895b

Download Submit
/data/data/com.qwertywayapps.tasks/databases/tasks.db-wal

Filesize
152KB

MD5
1f7e65331d22d47f44b4e43b0c8b0780

SHA1
1b10aa3e0ddd93d898fa00dcef1e7f4fdd1d6bd3

SHA256
31423d68798f61a37e9963b509b6a0932cb7aa92b28945c659135f63d0c5b4c9

SHA512
65893a413e25d9f33ba20395726ebedd3a605ec43da5aab0e9d4aab05ad070a62bbe27bb670163e595251db37c685163dc0bf3fd282d55eeca9518a77b992c49

Download Submit
/data/data/com.qwertywayapps.tasks/databases/tasks.db-wal

Filesize
237KB

MD5
6406368b9355684560dc7843500f7e80

SHA1
06a1e06a3d9f03adc8b7c2ec911e6ee10d031730

SHA256
231ee01e4f3c917797c85819f27bbae7dde84ef89cc68fc8970c59a088334dcc

SHA512
8ece89d097216a17b7985b8cb834292ea38576fdaa6f652c07b6251fdbe78350d90acfb3c0c6ae4f7a13e308d4ca3b8e2bfec9a6545507fe430a974adb83682f

Download Submit
/data/data/com.qwertywayapps.tasks/files/.com.google.firebase.crashlytics.files.v2:com.qwertywayapps.tasks/open-sessions/6613F65C01EF00011087A3139F0FE98B/report

Filesize
742B

MD5
1d40c667e442b6f9bfc01e8b4e32740a

SHA1
ee63ddae9a0ab5edd0f22d8fbb83add8f7c8bfd3

SHA256
b6bad7eccf97f6ff3c35e73b9a89b7bb3d58109980b998d3e1f51b0aa347bc63

SHA512
dd4510682c87564e37998a15c89c23bfbc545dab25a96167a3ced5305ae0457d2a5b334e6d2a75e835eadd634f001cc137e02d6d407a7d969c33e2c0554fee0e

Download Submit
/data/data/com.qwertywayapps.tasks/files/PersistedInstallation2274513237389906222tmp

Filesize
561B

MD5
7e457b2f293ef21f163cc51bee781db3

SHA1
d09a2863bfa7b5e58fc9da1b4e8be1752f89b9d1

SHA256
81b6cf1186501cc60fb2ecd0b51fbdbb27541c307ded41f628539971009b8889

SHA512
3b4d804d4963e6639f7c2de6bfb6b1c152b273ab788a154bfdb845d91b4ba190b47d1591d73d07bc388167d01c6caecd7ca075c5cfd9591cb267787ce01c826c

Download Submit
/data/data/com.qwertywayapps.tasks/files/PersistedInstallation8042842808232879812tmp

Filesize
90B

MD5
0bb88756e3d028edf509d138d7aad530

SHA1
de9de67be2e3195bc8eb9ebf6431a120d9789139

SHA256
aa42fd0447124033afbd3a5e3898ec474c0853afddb6a934a803c571022a6731

SHA512
42ba2c1dc02be4dadc9bb4807ef047bb70c01c5e8ceb0027a11c5606f0bc3ca9e7a59ab39b27342e0f9189ab371d631623398f1ffd6364dd891d366319350ef9

Download Submit
/data/data/com.qwertywayapps.tasks/files/frc_1:419174467846:android:50221aa1df4cf21c_firebase_defaults.json

Filesize
587B

MD5
9a5e3e0e55167460303082a4f69188f1

SHA1
80fe5c9f597e15a0fb74903ec51a168d6c19179f

SHA256
8a9edad6db7396bd78c8ebc0d75a126fc29dbe9b37daee258a29438d21d0ed2b

SHA512
458b529b53e16e0b34a15d0e5067915b05ccd67ed44a3a4e28c6a1bf6144eea7c089dd4ab7f2bf88eabf1fe5e454e101cb7a314fb3f9fffb3970ac24408d1edf

Download Submit
/data/data/com.qwertywayapps.tasks/files/frc_1:419174467846:android:50221aa1df4cf21c_firebase_fetch.json

Filesize
2KB

MD5
63272928fe4858bcdae844d65a8f6be6

SHA1
b2033d60fbdc5b297bd3af5d7bc0c84dee238e74

SHA256
3f30247234d49136b5293db993a4545b7381394dcad58684341ab2bc6d4a9ff0

SHA512
45170ce256bdf273414bbe34e79df9e058f01d25e9d9bd7502ce29a6dacc703d350984bd04678974a154025f284ab9cd8fa7cde9e1e98dccd7ded82b4d5264e0

Download Submit
/data/data/com.qwertywayapps.tasks/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
0091380f9b91c7c82a76785ab7473679

SHA1
79449643d4f3cd8447586b60b60500ea61375372

SHA256
3acf238eebf35703b82583d685f9a56a7cf73bb37b51408af6d593584ba876f8

SHA512
7feb53554ad66c9ae7c1758e7b6aea33794341d842b01ab7f937c55b74a5493f1bc6401311183e9a1dea413e7b7e94e375a4d4f606fbee68912b8aee350bb37c

Download Submit
/data/data/com.qwertywayapps.tasks/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
8576d50032921a06fd3e0bac8b9ba75b

SHA1
39a9ea5665ea5f45c283835f371fea43087b3869

SHA256
6db44635335d418d623475baf46bebce8e82e9ddad130bab2829aa23df47158a

SHA512
acd6eb225ad077075bc69935a27b5e1a3be6b9ddaeaa76f504575b3f2cda6458e2835be875b9d39e42e568d78aeed973c8e630a0c8625b38e27e440d54098996

Download Submit
/data/data/com.qwertywayapps.tasks/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
1e7f0f8ffa88d1f54d94d8dcc90f7367

SHA1
bf88922f060af3daed2b647a62341bd610083a2e

SHA256
89edadd94b01019c5af556333f5bc95e34ff9c16cfcbbe64b9967e964cc27d4f

SHA512
429deccc5e388701d501db6e6fa866294e6e2368086c2faccf8f554f8c2c66efd9d5d6cbb0d1409d39d41c21b025e8c5d4ed8a4c6aed69704f65936510b200bb

Download Submit