9bf89b33609973d48c7d09d5774c39bfcefd3922202db0d872f12b3ffdb28529

Analysis

max time kernel
149s
max time network
156s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
10-04-2024 12:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9bf89b33609973d48c7d09d5774c39bfcefd3922202db0d872f12b3ffdb28529.apk
Size

1.7MB
MD5

69d3ce972e66635b238dc17e632474ec
SHA1

8f1a2907c27b7a736817bfdb54d662a7770ad328
SHA256

9bf89b33609973d48c7d09d5774c39bfcefd3922202db0d872f12b3ffdb28529
SHA512

e86459dbd262807f260c389566335723cf53a94ed06ca68890fb0ef63d4164eef8aa84181dc31fdd8922b681a9360e506bef5dfce8cab5c0ba66c0208c8cbac6
SSDEEP

49152:uJXz0WuZnKSGZ9DtaT0L3VvbciZCfr9BsNUCngFfE:YXAbNKVZ9DT7VvoiQr9WzQfE

Score

7^/10

evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.newsm.secursm2

com.newsm.secursm2
1⤵
- Makes use of the framework's foreground persistence service
PID:4323

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.newsm.secursm2/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.newsm.secursm2/files/db.db

Filesize
28KB

MD5
ab6446f174e940245fd0164d5db956f2

SHA1
38cf7231bb9fbddf15e121fa6029bac43e919767

SHA256
61c9a65322262a48b78ccda80b46e58a21f297806d937413d76c1d24bc318658

SHA512
cb18437ed00c21dda71331e21ebfbf453e85f988a2ae9a6c63369acc27e8ff0473e558e9cfb3bcb09ce7d0a58679e643ac63b3220d11eb717317a5e6499dea88

Download Submit
/data/data/com.newsm.secursm2/files/db2.db

Filesize
8KB

MD5
892fc89a414bf19397f74885b2c4b55c

SHA1
c91f904e6b44c1269c8042e1516bff541579163c

SHA256
ac042632d715d92b86cacd6a357bb2d1a2582d635b4984896bbd1e1353ca20e0

SHA512
bedd2d9cd5ee251d21e7bbab0ed5c8539a79ed2ecb192b19307ddf096bbd06b58dc64bb19972261da261099dce53f1bbe3ba6f5177c3303915c888312411b6c7

Download Submit
/data/data/com.newsm.secursm2/files/db2.db

Filesize
4KB

MD5
904166e5a66e054c3b0f134f4a5dd50e

SHA1
049a1b127a21f2447962af1fa10bb27ea680d110

SHA256
2421cb2cd7da281c211fc2d3af0eedf6dc4c3722cdd8103d1743700a1119a18f

SHA512
ea2673efe43dd54d82b60de7f8f5eeebeb7765ce3d25f56b65c9c435dd8008120924cd5402fe69fadc100a8c41b9c3ae7fb3059ce77e4c8b6749b848c428ec1d

Download Submit
/data/data/com.newsm.secursm2/files/db2.db-journal

Filesize
4KB

MD5
d60313d4e3aafdce20a2b98906cf746b

SHA1
c0645cfbb9989b847c14148e6a8b4e47f4887a72

SHA256
f72db21b2efccfba72b2cf5d7274263e3651e3018435b42629f40a2ea6cc7a4a

SHA512
af72f28d52bedf35e5c28cdc0f1dfd6eaaa9224bec76f21b1b8c1654a025d0913649634e5569095e9a4f6e0d501b78964a3bf90ab018cd9e2a21d3a4a9de7855

Download Submit
/data/data/com.newsm.secursm2/files/db2.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads