Analysis
max time kernel
146s
max time network
165s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system
submitted
10/04/2024, 12:53
Behavioral task
behavioral1
Sample
990e50ce20706be80b4d62367ff6ed615d6dd04551b42cfd80b1a8950065b646.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
990e50ce20706be80b4d62367ff6ed615d6dd04551b42cfd80b1a8950065b646.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
990e50ce20706be80b4d62367ff6ed615d6dd04551b42cfd80b1a8950065b646.apk
Resource
android-x64-arm64-20240221-en
General
Target
990e50ce20706be80b4d62367ff6ed615d6dd04551b42cfd80b1a8950065b646.apk
Size
406KB
MD5
369ca8fd7af4865752c2241884e3b2cf
SHA1
ef4ea8f1ed83abbac62ed75b74cbf9c815887b3b
SHA256
990e50ce20706be80b4d62367ff6ed615d6dd04551b42cfd80b1a8950065b646
SHA512
1dfd768f803959f8e79331459fabb5fe5b7fed6550b952ac734f41b694ec2a72811ec34b5ae88fc2d444221ba77df4b384c95f58442b0eb138a9a497a800914c
SSDEEP
12288:9oIrRitNNC4ZulrkFAIlniM2XtQHKvZIcaEWI:9oCo922bWXKHKvHdX
Malware Config
Signatures
pid | Process
4677 | com.photo.android.p
Requests cell location. 1 TTPs 1 IoCs
Uses Android APIs to get current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.photo.android.p
Tries to add a device administrator. 1 TTPs 1 IoCs
description | ioc | Process
Intent action | android.app.action.ADD_DEVICE_ADMIN | com.photo.android.p
Reads information about phone network operator. 1 TTPs
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.photo.android.p
Processes
Network
MITRE ATT&CK Mobile v15
Downloads