682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b

Analysis

max time kernel
84s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10/04/2024, 07:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b.apk
Size

5.9MB
MD5

599ca5ade29ca5a197d672c4c8030403
SHA1

b65579c62481b07f955638d884d3a59b9582e705
SHA256

682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b
SHA512

2331da7504ff00686b8afbfb2ba9c8b226566b0ab2b2d26d8f5370b9f94af301469818f926c8e27f72de0ed5f91371fc4f0024d7c5c1723675b2b0ecd65d7448
SSDEEP

98304:MLv0HRFwlCAuCnTCK7/WkOC1CvgRw33cDbe24ynnfnDc4WQAEzfrp2vwCNwG7:o0HzwLPnTCK7OkpzRwR24ynnfnDcIsNL

Score

8^/10

banker collection discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs

banker discovery

Security Software Discovery

T1418.001

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	org.optimize.app

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	org.optimize.app

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	org.optimize.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.optimize.app

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.optimize.app

org.optimize.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4234

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.optimize.app/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org.optimize.app/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
74d1a7d6bc3a063f3123bdba149e9870

SHA1
4a10c0566c19371d4cb24c41c8cc48f6e8bf799f

SHA256
7967be59486b062b791314e40e5f5dbb1257a0508b6facfd50709509b59a1b64

SHA512
819194c76b1fa370b12e48b09cb2928535610bef55c2652c0021051043be36165d17b6c524d1611d5b305453733079b1872f794566918965c071c866c8878f82

Download Submit
/data/data/org.optimize.app/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org.optimize.app/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
9c06bfa953fbc614b91a4a9ea7e8f02a

SHA1
c477881f689383ecd41109b7aed7a146651f7171

SHA256
689e9beb41693f073fdc4c461e4f2f3856fd924e53a2bd71b0c90191c45124fb

SHA512
45a6e1d754be1040f782b3cc6557ef7613f8600f49dfbdd314b8d46fb882948b889f165ab9cbded29e437a4f52a3af98563bb9ccf0c3670c765a24aabba416b8

Download Submit
/data/data/org.optimize.app/files/PersistedInstallation5368626518945626841tmp

Filesize
90B

MD5
10163b00cbba2cb45c1469dbca873723

SHA1
b5dc1af0155b7b84a6a3f2d6821f5814ef61b24e

SHA256
50779004116305ed997dfbad338b187b8bb957c8fb5d91a720007b2789171999

SHA512
b6dd0b09a1bbbcfae49a0910964879f04ebca696858b64706dce63688a73f8fae50fb005b7ae09d0459218e300040b09a675d172af7c343c9d3f423e61b40d87

Download Submit
/data/data/org.optimize.app/files/PersistedInstallation561307770638641419tmp

Filesize
114B

MD5
dc3e4c4abaa8fcda289faa582da7abc0

SHA1
6dccedba9d6484aa46612d54ee7546ff7a75f330

SHA256
3b9f49e57af21e7890f985b8b2d203843507c289aa5c3ff5314bc153cc9428c1

SHA512
3d69f25989130647750e51e35844fa8f544300e5ef22db0ac90c27d489c2e02228606c65bfc4881592d1f40f78bdcca0988390579393f8103f585658491ff50e

Download Submit
/storage/emulated/0/Android/.org.optimize.app/DataLink/1c0n1ct_1712734692153.cn

Filesize
3B

MD5
8a80554c91d9fca8acb82f023de02f11

SHA1
5f36b2ea290645ee34d943220a14b54ee5ea5be5

SHA256
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

SHA512
ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

Download Submit
/storage/emulated/0/Android/.org.optimize.app/DataLink/1c0n1ct_1712734692153.zip

Filesize
221B

MD5
a9dbbce3fe593c2f5d0ad77d03528bdf

SHA1
cb8d8697062260af5d4cca18ce808fd56a60dd18

SHA256
ebe3661e994cdf4985ae65013525d323ad6e9c0f2874b801454f8af9c96a6fdc

SHA512
3eabe14802489d05ee3b56c4b661f9a567eedce05148b21fc5e3e0b7db37df894b35511c715c257609b9659e205c118ba1f89abdf941fd8d13f720b544822b8b

Download Submit
/storage/emulated/0/Android/.org.optimize.app/DataLink/apps.ap

Filesize
1KB

MD5
ef82b6c374d7a5040224ae80bd784e91

SHA1
456328cd8e6cea34e7d1d9e4f60cd229403da229

SHA256
84af13d354a0d48bdb333f0fab2eee95098f10f647d34e7c82f79a3f6b41990a

SHA512
27abe5ee2710e0f23900e0f02520dc00f74dc69d4bfa1cf34f5010f576f9ec8d75b232411f1b7fa1b577e97dcd011bb8aa9d016dbca005e60cdc22e4d5e44d95

Download Submit
/storage/emulated/0/Android/.org.optimize.app/DataLink/s8s54_1712734682189.sm

Filesize
11B

MD5
0c554d4e30c294140ede96a4d06775b6

SHA1
c22fe7585096e9478b6b64c20bd33e22df5d96d8

SHA256
fefaa3e60e610770898396979fc7e59e2f32515db738a2aa6fc5053d571e49ca

SHA512
6759ae4635432a45dc37262aeea6a4457cf4a34bcb5805db2d42563d052e30ce97438b695a671d8ab7931bed82f93908cdba608ad086e24e7667c1640182e3b5

Download Submit
/storage/emulated/0/Android/.org.optimize.app/DataLink/s8s54_1712734682189.zip

Filesize
225B

MD5
d68fbfe6b63e05bd93ac8afc62cf78d4

SHA1
31f2a7f86740b79151dcc33bdc6e3c1e4a283432

SHA256
7c322acb015ddf679e91a192cc23a897ba2d82668ca31752c724110019f29c47

SHA512
3ea65df3db1c024945ed3a79d38ffb6f7dfe4462b1b998edc7aa1b3942665ec7776d83ea207ddbcc837534ae361be26597a1ba90efb139f6e12665ccd6ddc010

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/conf.st

Filesize
45B

MD5
0715c425e68269fb474bbf4ef92c9494

SHA1
761945ce56c4cedfd07e2d78f5d795fde493ea37

SHA256
c7ac06c02abc6acebb0a21b907ea1773680df2277a0fc3e44336039525f06114

SHA512
cb1b8b8df700c23fc6c0b1102d54ef3ad7e1ab2f07903c82e87bb68672662cb569c7a777ce09c75892b4d04ffcc5a09537bc2da59cf46b7d306951c7beac2f34

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/encSocketID.enc

Filesize
176B

MD5
fb75dac0a20a90318e0b073d9b169c52

SHA1
b00843f3905829d5ca776b641e29bd5b2e6b0e0a

SHA256
5afb32034f99485edcd079b2bdee0a837ed5a14746200c048469f9bbc0e63e00

SHA512
97e2f6668d524796c4b847277f556aaf0a0fc70cd0dd593ce8a26a66e96c4130dacef7bd79e6bee81005a176227a1e756f6a65469224041c576fcd7754b8f93f

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/everyone.evl

Filesize
66B

MD5
65f0466dd74f037929b1fd130e33646d

SHA1
4c8c4b5977c36fcf1521377d934bd5de34087d8a

SHA256
2146b7a7d195c3fb86e56bb3facb9012610900df6eb646cb77ee5759d47c2f2e

SHA512
9d7a5421f46779be00c76f725354232d5fd69bc1ce05db54fe15b54f76b57aae7a2ab6e223978edc6ad7bd954bbf2a63c2f44e2a25fe6cbf3b06e34a8db25b9d

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/fls.tr

Filesize
440B

MD5
6100083eb0e95f846221e2934830c21e

SHA1
c57e8537a508d1aab00a19f5fb059d98f1eedf01

SHA256
ea646fc1620c52497c51befcfa61a9e28b1edbf69a7326a0a4712e998e5d0e77

SHA512
24a513a36cb905d832580aafe9b24e0cc489efc61e81b2548c5d8605319e0628fb9bf3259e82bb20991fb0f49115939f39168a252d39943ea2fb17d09228a1b0

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/socketID.st

Filesize
33B

MD5
8f42341ac6c28a0953cc25f200921858

SHA1
fe0d3201a6a706aa42f02fd7702d6accbeb91144

SHA256
baf1f0350690f2af8ec3e232293cc4337e5cb686cb91a079834020669c1027da

SHA512
251fe7ee4102b587b935b0273105dd94842a47d316b2d83e7efb784fabef49d8d89b71bbfb18ebca9cacd759b5d2cd7f68f4b3021f640e268a4bf705fc7c0280

Download Submit
/storage/emulated/0/Android/.org.optimize.app/Presentation/system_log.txt

Filesize
175B

MD5
425b604de906e1f5c3ac00803428b1d8

SHA1
5e8772851e46b7d787e74fcdcdfe5450bb386cbd

SHA256
7ae610cc32eb77a30ae0308f7f09c5c5a23b821e777f64fad6ef0653b79dce57

SHA512
19ebf5f5fce94088da32fa8914c12a6aad80d332c5a641f80362c169b0e90ca63ff93a64742d90fb8a0d45be15ae12f3b662e0e48e4451626c6248c47d445b5e

Download Submit