220fcfa47a11e7e3f179a96258a5bb69914c17e8ca7d0fdce44d13f1f3229548

Analysis

max time kernel
146s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10-04-2024 09:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

220fcfa47a11e7e3f179a96258a5bb69914c17e8ca7d0fdce44d13f1f3229548.apk
Size

12.7MB
MD5

07532dea34c87ea2c91d2e035ed5dc87
SHA1

04ec835ae9240722db8190c093a5b2a7059646b1
SHA256

220fcfa47a11e7e3f179a96258a5bb69914c17e8ca7d0fdce44d13f1f3229548
SHA512

270319f1a8a8fe9e19a78741cdcdf5f7c62d3072e55ea68a8c5ecb154bea9fb0895d1562164a0a04ffac19cd2bfa760ee219e3e0ef3890ccce564ace0c1f51ea
SSDEEP

196608:A8ULZA2UNZPFyeRlQbQ4Waex2Jg6K3KVSOjQHITUI8KgYeX1EVsf6lCJwtBD/SZP:qqdZPFyeR2b/WWO3K75Uv5JEVsaUwtNu

Score

8^/10

banker collection discovery

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs 1 IoCs

banker discovery

Security Software Discovery

T1418.001

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	org.schabi.newpipe.mask

Queries account information for other applications stored on the device. 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccounts	org.schabi.newpipe.mask

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	org.schabi.newpipe.mask

Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://media/external/images/media	org.schabi.newpipe.mask

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	org.schabi.newpipe.mask

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.schabi.newpipe.mask

org.schabi.newpipe.mask
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Queries account information for other applications stored on the device.
- Reads the contacts stored on the device.
- Reads the content of photos stored on the user's device.
- Reads the content of the call log.
- Acquires the wake lock
PID:4223

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
44ad2ffd16efbd8a7cbc8d908f45fd9a

SHA1
9fc908d2179eefd99cb513c896a744fde7d9a8f1

SHA256
5d2feef0239b907b17d93ee01665245514d08fa9d12b4e4ab0a25feb2d1fb260

SHA512
5954095c9ba2d07f893d9018b8122fb4dd41fac92e8267170fd54fd33d8d648780b1b5e5e866e9dce4d7445ae4f1673c8a7490a78266662962fd410904fb71c2

Download Submit
/data/data/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/org.schabi.newpipe.mask/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
dd544c92e9c653be88c6374f1ede8554

SHA1
c5d4fa3935046c5466e8871daf6bc8a6b8041331

SHA256
46bc866f0eae093ba01307d02bbe709282215736d418d3bc7f4e5dc995c55118

SHA512
e7a55329f19f7ea5984ce185a7e303fcfa9111cfa2f4ebae24ff25cc49f8da82105175e29e2832bba6002bff817497a2693873871afb0b5a55bfc16eb3ee3f3c

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4138c7bda019aed4042f6085620cb5cf

SHA1
f52d575be1def60da58afd4b59c210d2d251d934

SHA256
cbfdc1227247146945832baa3a5e1ff58defc07efb7d6af6e6e89e9fa859f986

SHA512
9a6e28464de5e0cea2767d3280ec3dcf0af9f47c2a6935418b2d83640d6c7aac4e74aaff691558656c77b8f383d0c2ccc8b70ff7b6b3dd70389a732a5bd7f0f1

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5cff0eaa3c8e288d5b682e8cf6e236e8

SHA1
83d763f63962502bf93de447bccc3c32d244cd52

SHA256
eff322f45921a4e8ad78daad43d2ca7198ef8ef0c186ff49759c9b26cd6902a3

SHA512
f30593599c1d142a9a1a57ff0537486654f1f34ddd366ca3f1094b075216b97dd5a2b893a65bf6dc97595adf9d4a07f2fed6f79018110244bd9ac33dc9a1acf1

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
751b304047b83d523b85da55180b172f

SHA1
cf4a6f59a4a7e01bc4ea056932fbc1e83ad6498a

SHA256
3327000d1001a306369c6906ac492521903cc06671ff35220d9aeb0d843f735c

SHA512
42849e9f8272a91a4c5c28bbc789d1198ee0774ddcdb89ce1a5cedfe529dc87f2ffe1e0c9550603f57c8d8687f08c0268307d8d56663a79accfba5b37f3f5ae0

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6e55b8c5ad72eb8a93987b0915786f14

SHA1
d73d7878db5dad358849d5c00a56be5cb3aae00b

SHA256
658af3213ed3db1819e440fb38bd174736063ce7a1a8f640e859067d22816147

SHA512
54c8987c6373b15dc6c7e68091a78a3ff6b396c0ede5a0c6d442c36f4d4dfbf138a0d5c9d25216e24516a19eb268f2a20e4c57a773987fa00316c9259f4a8ff0

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db

Filesize
16KB

MD5
272ffa7ed7bc39cbcaebb4e6b0c9f85a

SHA1
2c9e53d35150b54baa5036584fe49a13167581c0

SHA256
d0de776084ed97b4206cd66ab5483f508db4e202a22790c9103bb2928e2b42cf

SHA512
45eb18771f6cfa92adbaec72c6d1bb8a8257d417aaf480eb4bc5303ac20c1092258acb0684889e5e033be96543e59950b7c6e41d40752bd29936b00e1ae6c662

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
10b8884b3dfb9d360362a9dc2033e051

SHA1
d82b9a08b6baea8ce5b76e9dad501ca311b2f973

SHA256
21ae01c9799c72211c0dcf4d862b70b7652beef4108af39a9fe29a8191636115

SHA512
a288b84c791a3fd4fdd6679c757d0d3f4bb721081f06684fedf41ddb64e358c4a49dbbd4ec2dba60bb7153759490ad709ad1a87298a6d9af04595d1bfad3b428

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
232508279d63b3b9e08c05c0819ee3f6

SHA1
e50eecd77151a48b7f6d6a636f912255b460f8a5

SHA256
8f47e1f22b9ba6076b8fb8c650980c6031c80680119a1f008087f6769d92ac7d

SHA512
a1132dc77902a080379418c897ff00d2e04e049acec51a412794d07aace7e1dde628bec422a91a57651d3bc018cf458b45fac96cc9616bd6e14af9ae8646858d

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f61483abda002d005c1e1081ef4274c9

SHA1
96ca717ccdd0bf477b51270ae85ef76f727ff831

SHA256
fde27489ce3b6433a1930e4f0ce5aabc07bbbec9361ce323499b9ab2642709ec

SHA512
968077bec9313b85128bbeac7a4af04df053f5675d6d2df9832b03f072b2c0bb45b87f69e1f69a356daf9a052c3f908105ef87e4f0fffbec23fb17a598d5ad59

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c19281b64683460dd05751e726c82bdc

SHA1
1695e2ab9cc931fd8f54c5ae262de2c6d1aaafdd

SHA256
97a9c8fad3a243f5da44819cbd3eaeebfe0f96855ee9320620fa5e52388eef47

SHA512
e2bf51d99c50647e518d9aa2d482c15f3a5e52666f003cbd6e389041eae65d657a8d4bfd909784ea48a1b790cab0041bfe9936257cc6a441212d69676f37dd3a

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ddf6b21aa28017b8b3463966cb04187f

SHA1
c0abf9593b6836514dd1350c2423f2fd843e27dc

SHA256
b041dbd7010498452b3ed1175112b53910667c79b4540b039fb873d8af96ef18

SHA512
fed68371f76a127f5f64a64375eed75e52d34c1b53e7e30133db306e48779c6c7b807c1e56a7bd75d1d8c033bc936e5d0a2776501a1976c820bd63f28683917d

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7fc3ca110d7eae22675cfc2037557407

SHA1
7f0651d6f8143fd0b780590188a0566bece7297f

SHA256
63340763eb9de23c4139cb5c0c0798e9ffd2fcd77b2fa335b8e1a34938bbbda2

SHA512
602f955ff60666b284b8ed7fce90ee1652910b404e163efce86bd0bd09d55d9bff115e50d57ec6a46c2baf8edff80f95593279574a93fc555fbc9f5d15655028

Download Submit
/data/data/org.schabi.newpipe.mask/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bf087430fbaef163f0eb92a87df79787

SHA1
1d85528b096eefb55c7a7ef923513e5babaa165a

SHA256
5115c1c3a5471e9132d0113b3c366d9bff270cfd92e5fa469f98471eadf7d224

SHA512
256ece5a009ec07503227e26dfee68706a0299c7c42598c2e796443614c95e4ea6495ae1bde68ee67609fe9404c645b0eafe841f25b141a867a5bb45d9a5e82d

Download Submit
/data/data/org.schabi.newpipe.mask/databases/newpipe.db-journal

Filesize
512B

MD5
bb7adc258d5cb5486597fe05b077b0b2

SHA1
598ba6d20ff7d116d0238f8c1e0d0b406bbf10fe

SHA256
e7d14e91543f08152b6e0a5b091b693088cf7e345d23ead952dadbd2de46bec6

SHA512
6c336abf461e9c9090b75c4400f05b6a48c6d40677b5baa6c3afdea9748702d71e49f3defa37f88fef9042a39810bbc821b5d63be6ff1c535dfefc0d0d250c97

Download Submit
/data/data/org.schabi.newpipe.mask/databases/newpipe.db-wal

Filesize
16KB

MD5
f2315b6350890c54ab3227c5e87cfa08

SHA1
f012a2312211f4f28e2cac1ce81fd52666c857c7

SHA256
151816153a2b6ee679636b8a0ae6b3abcb92b69392e5dc40a82fac6ce36c182c

SHA512
69b5f59ca35058bb42f4acef47edb377602f18b20d9446d5d70b6926fc452f4ecaec8302f2032ed7505f90ec2e145f0f692fa5dfc4962baa178629bacaf965f7

Download Submit
/data/data/org.schabi.newpipe.mask/databases/newpipe.db-wal

Filesize
152KB

MD5
7724ce36d216ba2dbb01e4e29c87e0b5

SHA1
6fcf1d7988699249a9341ebc7b5bca02a6ac6ac8

SHA256
f6994ce02b8b555d5df7cd802567d052f84617112b992cba32238c3358d3bd9e

SHA512
b71f25b160fff7876df3b37ee4aa335fbaadce6b3fe63f8f1a543a7abb23f09dc007ab554440395deb3c025f6046cb4764dfbb29c3ceffe0b3193103ff7d43f5

Download Submit
/data/data/org.schabi.newpipe.mask/files/.id_config

Filesize
99B

MD5
3554196ec9c8eba5e7eb04c52e0c013d

SHA1
89bb152a96de8eac6641e1dc7fb1841075e645a0

SHA256
81a178e408898093e9392256ccf5b28c4cb94a64bc156a84107588445bed5559

SHA512
3f9bb7623525d7e2303824d924fbb40146df5f2171415eb39da3aee2aba4cc8769e524f4a71b05856e3c42d3701ddcbd0d25e6fe40340679eb6fb17d5a30a0b1

Download Submit
/data/data/org.schabi.newpipe.mask/files/PersistedInstallation5417049445381815418tmp

Filesize
569B

MD5
a203eeef1e18ae10efaa552920fa3394

SHA1
8c4461b4e489905b3d9fb2aec08afbcc900ecc5e

SHA256
39523d45537084bc5ba406e60cbdc6ee0ba14a74a8e0b3b2aabf10ec62c4e937

SHA512
3100289a2069f5f67194a581ee7b5f3f21bc9720b88287cb2d87a5b78c75bb16c82d5e1133ebfaba24ce10ebad62a9a369b8b11326dcdf746459ffe2ac34be05

Download Submit
/data/data/org.schabi.newpipe.mask/files/PersistedInstallation8680161013642882781tmp

Filesize
90B

MD5
ba0499e43c34ed8ddf943f791dab3101

SHA1
c21301b2d44341da0b428ae2f3737be6b28f201f

SHA256
fb17323b85323dc26c6acacd4e419a9362a8d3505f142858f622eaec4a58c427

SHA512
51a70370199bd42f6171ac36c67ea8f907098f53b531f5495c167ea439afa54e1aa2aa63133e44de89fc52a83fae58413eec571126ab8899b9e894237aa7fece

Download Submit
/data/data/org.schabi.newpipe.mask/files/time.config

Filesize
37B

MD5
73b332e367d23967f33f68b209ce2dd1

SHA1
b320c327feab307c4526ca5a8e3b71720f9029b4

SHA256
fb1cc362c9cb491e893cf60811a02aa7829c0c9a610be5c5a53ad161d8846814

SHA512
2307b946536b4d27cf1f6c00031077f211e95bdb4a3dd4fe5b36f2374ca7511a7372f2b6e7acb0f682d6a12eed67f2d3b2088a0af7c9020eba1c0cd1249b8d6f

Download Submit
/data/data/org.schabi.newpipe.mask/no_backup/androidx.work.workdb

Filesize
96KB

MD5
b4ce981e836fc593be4bcdde48088ab9

SHA1
7dbf81b52b5c4836ee12d0aefde58ac04ac9fd01

SHA256
10affc01443789aaa245c19cec960db663ff82045117c335ed4c2756d35141ed

SHA512
f82429350b41824a842e468186199108b9ab993a38cb7c5efc35a4890bc270c1ed0968f601d5cf3f7c1ee97e7e1f60043a8e669a3135ff3e181078c92d25664a

Download Submit
/data/data/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
b7411290eaf93ae252abd626e4df02dc

SHA1
175725450d6868660403633f8ff338711af3e6cf

SHA256
6794d0c9214e9d0e9bc55d1b41f3eff406a8ba34790edcbb012c6ffd41e3028f

SHA512
1f5e065b21521bbcfa178d35c14293a0e6dac9c675188af0b0c5b1625ca4b5fd1810ff21317ea88e85ddadde34074949690656d08e4d16aad5f3385ee31733f4

Download Submit
/data/data/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
ba5afadbe584ad9302c839451d250b68

SHA1
1ffcc0c4a30afa605402f2afa50af62970d24c68

SHA256
aa542a798ecbc8ab4ac542b58b404010380dee09a29a992389e00d50db9fcf18

SHA512
d33ef3bc198a67f6d9c5eb5dfb553cbfacb38d082a9faa41071029b3816f76b585906a7005e6926839f7ea6fdf7e8776e958ff777dbb2b21cad05aacc5ded043

Download Submit
/data/data/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-wal

Filesize
406KB

MD5
06359a9d5e20f0e3ba6f25905d6ae2f8

SHA1
0200b22a848372ba049360a2bb755e41528947fa

SHA256
d1ade1c8da19cf7c65efc0ff41c47e62c4a0f257e2344d6c622366526852d81f

SHA512
72e0a2ef7dcee764183a03d0d4a9754c5f7fe1d9ada61cb8ae64159205afdb4fd65db3157c4e16a5958c8fd91dc52a8a59379fef54beda5793acc07f38da252e

Download Submit
/data/data/org.schabi.newpipe.mask/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b74452f103cb0cf09ad15a891af8899c

SHA1
859d7fe474a6a2a17747160b7a74b09af1f1d7b5

SHA256
5c79da3f31f4e01dfad6cec4668d2e6cc0fb51bc53176bc2408da490d5b57ecf

SHA512
c98c4fe6b6c09618bcdb3a41206fb3b518637013e3100ec137606ef30d4265ff83799d1ca1a992362e392f2270f17666893e05c68151224936152be34072b4c6

Download Submit
/storage/emulated/0/Android/data/org.schabi.newpipe.mask/cache/uil-images/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads