6878d6cf75d033f90ba4366434902b0f9b006ac7a8e3953551c9ee80cd88da80

Analysis

max time kernel
11s
max time network
162s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
10/04/2024, 11:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6878d6cf75d033f90ba4366434902b0f9b006ac7a8e3953551c9ee80cd88da80.apk
Size

24.9MB
MD5

09c64a3dfbd0f019330a6dd3d444e4fe
SHA1

1250d27ce263a662f0ebae458866294bb735f281
SHA256

6878d6cf75d033f90ba4366434902b0f9b006ac7a8e3953551c9ee80cd88da80
SHA512

543966f2d70f2dea6fde536b79c7b078563dbf66f10b4a2b2f5f7a4b9fb172ca8fa443d0fdfad236e210968e553581ce58f297f79d0e3490645c2b63d2f1d925
SSDEEP

393216:3xhRWCNNZlLkf6Zm0Q2Ss/J0QnT3rRmk8hXE/3IOMwtIJ119FU:hhjYf6ZxQ2SWB8xgeJH92

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device. 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.rebelvox.voxer

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.rebelvox.voxer

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.rebelvox.voxer
1⤵
- Queries information about running processes on the device.
- Acquires the wake lock
PID:5100

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.rebelvox.voxer/databases/crash_reports

Filesize
24KB

MD5
b711aca7e7bc5a7bc095ec4694f617b0

SHA1
acb20aad7c57bd6b53b97e06f8caba1b5b89fa62

SHA256
5e17cb0815247e41ef122f1ff42106216d56602d1be0be1fb46cabc84cd3d816

SHA512
935137ee226b072144813148946db802f17b35013b661db5537ef21126f06262d402cdd79b91b5b18e1a645c2ec4e48550872763e4c5be9d4bef12777b9d0265

Download Submit
/data/data/com.rebelvox.voxer/databases/crash_reports-journal

Filesize
512B

MD5
16c38e78bfe1ba696302f8e3dbad5389

SHA1
06d7d28bd4172f1c7afbbfa5033070ae103ec74b

SHA256
006ddd115c6e3ffdc82aae0bd9f1a18bff2f1d69001ebc7822f1a8ae269fa0e1

SHA512
6b7de4b5a2e4bd409c59e44e703184ff600d6024e467378f373cbc64e7320ab5d387b9ca0414d63c742916edabdd39fed72d92cfcf28c35446415b8153787e2a

Download Submit
/data/data/com.rebelvox.voxer/databases/crash_reports-journal

Filesize
8KB

MD5
ed72c0a248e3b9d50db4eca58f329c36

SHA1
a6dde93a0f2dc64995d2d48bba29a442c256804e

SHA256
1ad84505f78ddb61ee7b1944ce1619e6b0915e355e7e019da1abd5528cb1f5e0

SHA512
9e2a353b2d96743230aa99450f1f9bdff6d532190ff0396489f306d14d0c3472fb608fa50d3a06b7cfed451637a8cc737275a1153847b89889b91f34ffeb8bfa

Download Submit
/data/data/com.rebelvox.voxer/databases/crash_reports-journal

Filesize
8KB

MD5
62913a5178fd5d482e54b75c5310a1da

SHA1
96214ea6251ebffc51eea33b40959ac43e309d1a

SHA256
43883b5ef38a2a81e87f1acda671325cc6e9636212b7b4c0e776ac368c217c46

SHA512
b1defd688a2d27d7f3a5e7a91e9eac0ef9585a4e8f0dc617190729ef6124c557a59f1077a25b0f66f11a9a05bd85bb8c928e22f996a6caea4ab16382d5250ff5

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db

Filesize
164KB

MD5
a32be7a7a489515f840ae24a3ee5032d

SHA1
d8b7e6e59d013285e4352bd51597a5ed977bb648

SHA256
a3916eac83f267990d4b94e45aeb0c83ab404791dc4182ebfb36bd2edc2e1c01

SHA512
e63c9564271a959d86c3e7f4ba8dc870b37df1855ad01fb7b29a54802b186d44656cec1e54932ae24cb1239ce49a05e75f3bbdcabb21a785cf83473b9607f8f8

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
512B

MD5
7908ad6e33ca5cbdba178c866bbd3cc6

SHA1
975728018df0b79eb6449f3447de335d3b009afe

SHA256
dd387ae12e1aec9a1dd890e837677880ef6143ebaba39e97dbb0b70885b949f6

SHA512
395b65c4b2e016af49802efeee20bf93d87c31429829165d479b1c5676226c2165bea578c28954daaad68b531b87c2481ce079a0d0fe39689536e43742c025be

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
8KB

MD5
41bec3abf347ce4522e4c7c749d15cb1

SHA1
36853e904c6631569c7c652b9b1f883486af5b69

SHA256
e11e464d4ddcebf35842a4f30f9e16ccc856e52d7b7e568d6aab030b2bdd3934

SHA512
aebf4a88bd129d83a49ee065569e8f64393fb70eafb0c26451a7196f88f6d4a090536756bf278ef07f98b756150e79d4bf7ac81fc358ccde460a84e93a874e01

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
8KB

MD5
c72fc2f16aed6045f55fda17272a214b

SHA1
c7337da9e9389ca9b60e0ecf72ab7cd8baf16dc2

SHA256
4681205949e8bb16dad18c19ff953e173d597c1a04dcd380ebcecdfa344f4c74

SHA512
26883e239b60cf00aa62bfa479635d4f985a892e5eb47914ead207928eac00435f15174b7171c1ea59c56b3bd1b0ab76379efe3944e541b9330458ba1789ad22

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
12KB

MD5
dec17a9c0e12605bc38070a47aeee413

SHA1
f507925ccf83b4197d3b3d578822cefd4db13bc6

SHA256
2976a5a3770dd9dea424f405560e3c67283771c18356af17cd217656aaa80b82

SHA512
951263dc420aaccffbb8c051d95da19d67ce122cc4f08c566500ee8ea764c9af4e23ff8e9847c799faa1acd0942d28f526277aab17a1ccba310e344d6e183f20

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
12KB

MD5
74c166a7936b018c35e1ce091099b893

SHA1
d8dde11a54bf31849a6ba6246d072276f65f5e64

SHA256
81642ff6f4a9020474f6deaf1b3ceccaeadfed5e9672ee82159cf1f1efdcb063

SHA512
ed716b0283c189ca07908cbc6e30b9a36b5af02969c5b6f5f026503a7aeb4e2ef3c280a6cbb0055ee1e45e7b272a5dbdbd5f6b0fe0d5107de9499722fbe4ca3e

Download Submit
/data/data/com.rebelvox.voxer/databases/rv.db-journal

Filesize
12KB

MD5
3ab53396bbff9f92bf107116b207d2ae

SHA1
ec22422a75591b10dec417ee568557c147cde42b

SHA256
d9cae6fdf671371fc66de00775ff5974a64fa7580ff5dc479feb8a30999d8bb9

SHA512
3323906983ea3b0f94749ea92b2e9bdb6070c1eff8e677840e2cd6b421de9f84f1813a95224b367acb849bc0b092e9d872b1295e10407b493884aeaa59705cb1

Download Submit