c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440

Analysis

max time kernel
130s
max time network
162s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
10-04-2024 14:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440.apk
Size

7.0MB
MD5

241b578fe963ad199fd5bdc0bb50f4ca
SHA1

3a9fe80e346356dd1b7a12765fc941f7d584d943
SHA256

c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440
SHA512

52e6d4a9164480af0f3c3d5e08d85d25054ccb2f6ac57bf7db7ea4f0c8b9a60a2829ac4e7310822e289fa8ee4d25d9b4146014681ef16cb404ed2a03cf2d5e62
SSDEEP

196608:p8/u+xgCR1D6Du6gUxL8wLszeEvf/QuN707b:aG+HD6yJUx9LnG70f

Score

7^/10

collection discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.systemgui

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.android.systemgui

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.android.systemgui

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.android.systemgui

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.android.systemgui

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Checks the presence of a debugger
evasion

com.android.systemgui
1⤵
- Checks memory information
- Makes use of the framework's foreground persistence service
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Acquires the wake lock
PID:5109

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.android.systemgui/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
6e7fc2931b7cb2727f57aa8c6406a45d

SHA1
a4b291cc358472f2fb6105886925cd4679c87319

SHA256
827f2fba79cd93bdc980dfca4ed00ff1c84d15ec4f1643235d876d43a59a4ea3

SHA512
0232457070f6900a8783b965dfc8dbf974e3d8206eda3c2bf0fed3e67321af8f952fde572b309713f961ea41bfd906bad0465bd1e4255c358dff83bdb10aeceb

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
3b2a29351132a635f93464f399a8da8b

SHA1
cfd4b96dcf3d70c178b547572f758a7a38273327

SHA256
d44d5deb2849a7103b0785ab0897b71e81b5b2f0f7a4fe5373d19eedb42f16aa

SHA512
256f95574d15bc3a2ff45c1b98ed8613a7bf47ecdb09a7cd038e9c13814331a4a6c15b35d9ab57f6e815fb1ba993ad4a46a48d8f07bbb813873f78808bcb3df7

Download Submit
/data/data/com.android.systemgui/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
27a1564b3ccbfc4fcad92b5a127d25d5

SHA1
768973ee681c6aa168f9ff0c50f1eda455e9a972

SHA256
e2b955566d96282bfa94db263732915fd2bed90b37755858a5a40d3553f2c49b

SHA512
2f523a2099f415bc193a518c8c7aa02bda6114a2fab750ee3d7daf96893778be39bc054c9d8c3cb59f97cc9dcff049a54a08fa8574ae447a06e96217146cbbd5

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67c1c588e37079e541f0ec315fa31436

SHA1
10be4cf20a13369469adda764678c3b6bad8b381

SHA256
c711926522d8c44063da5f27f8eb2f53ca58ad083fe3b3084759bba46d1fc82f

SHA512
d9ef97ccdb790ba4a6d17daac2ed7a147408050a2db762f7faf1b9d6e2dfa2cabb4711ff98fbd10f1f824f983e4ff180d95199a4f884c0119545e08c5e402459

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5c33d7e2022b6e30e8314738f142ff1d

SHA1
bec20c0e16d6163beeae9dccd4226bb7767953e4

SHA256
9ada9b81abb83fc14b1321327f31648938743e727a0741e92db6e1b7652dc420

SHA512
35db8f9d4b61bbd0a2ed5d911cf0f33cd863605249b7b1d7b33536a6a7f3a35a91241f5c1e499ed9c1860a7e20c99202ee39408cfdb13165c789ae9e2416de14

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8f5af70338d17dae892c60138f7dce85

SHA1
9daf28d2a562bdfbc734cc8f29727aab26873d73

SHA256
b0dc5dded779b399c491d83314096989c1cbb8fb434126d1d930e24e4fe60ded

SHA512
00ef17d8e9296acd43947c302c38987214e5b4399651ac015ab168354d1a3f63c821ef5a4ebe914f017ecd2d48517325961e001510f6348fce5bb952a23f08ef

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
602cb437ecf28f85b1f975fb0e617f38

SHA1
7667cec48729623475c16b6d1a4db1f395d3ca02

SHA256
c7b8c023819c51fd27a411a0cb5a9d591f2296df67c0b495e3d97351276bfd9b

SHA512
e8340720cdcd7f6417dd941996fd254304df46fa447a91105174c939a650518b26a0268018180b048da18e5780e67dd0c4289a8a5d595e600d11d2e7c4f96dfa

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db

Filesize
16KB

MD5
036fb9abe937763e3dc8de0a7f726d39

SHA1
078883d886715eacfee043230a81118630883fba

SHA256
340fb475122975e1bb2db75722b4014da7bd4889047e0564952546f76501332a

SHA512
64a2cc007d2b7eaafaffdd31617f3195a0d12dd6d1aef57786bd0c8c125ef048e2b97c5c792426a74f163d7b6d6bc43be1dc6a901db099cbc55d386489650bf3

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bc2cf7c2fe46699cb2df7b06a4585056

SHA1
5d9a8e5cdacb36586bdb2042df9144d1080363cf

SHA256
e0dcf2180fa586355ddb3d5488ff1f8235f69ec25fd0e334da872cb6f3c66a97

SHA512
b3d85a000122bdef0e61f489ce734dcea7ec3c9b5ff3d788c67c41c7f2bfc731f4bd89adde6db3bf1d17ff729ce1cc7edb52d682280704032f9de16726deb9ac

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
494a63cff21164f5b2a396a0c32d1966

SHA1
d7db84fc724f983d87dd90f2607675f1e8b2bc79

SHA256
d656a4b2453e14f968fd53143013b19cae8c3bc965f6ee87ee16f2dc4eb2611a

SHA512
fdcb77b62237b76590dbcc45e63b71631be80e033d95ea9f2494b7ea73dfc42bb2b7b82d25c5e475d3f7602ef12fe329ce44aa7b70f9e2b0f09870f517438903

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
2a1b473ba8ea85cd6efe4f60e5f16fab

SHA1
222337051f635154c412cd3b69c151ce3d47e2c9

SHA256
f84ea87817425657097989b2bac1b7b07b60c566db6b6d594d1ac01404cc1e3f

SHA512
474d9254a7d625961c7e7489780c5ea68bc6a1534b60ca6a7728c0be24c04b96e26320f48b7b8c5cf55b0e65b989be85f229359d25dafefd8e1143b4ed98e709

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0f6e875f039eabc0ebd31736e8ede3b3

SHA1
a910fda1af4477bf2cc1a2256188318ab7f60801

SHA256
736d0db8e01b82944f5d718e931505deb0dc294c17ea7e70b68655b12378a7c1

SHA512
722afc28744d463c5a220561ccb45aa6fe4edbd2063283726af70377fc1baf72f1c536909a1f2a66604281795cae0310846290a3dab1759760383d2ef435edb0

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9469aa548bc169ec1257e7d04db03d0c

SHA1
7b1496d7ed285b29fdae0522ebfe5ee842716631

SHA256
8b5f8f2b0167a4db96398d169a98e52efb294277d1ee65d978baa73a1e814ed0

SHA512
9ee287a0f613ee7ccc3efc2235940892f14e2d037d4028cd3f794675ed4afdc97074ca09097bff8ebc82b579bc9f2676018fe2b95457b3d1ec62d80a0b0a989a

Download Submit
/data/data/com.android.systemgui/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8a1e0085735f84d82923d0589b6df0ab

SHA1
b4aabf3275fec3e73fffd030f4a8275cb105b1c6

SHA256
f50d85c6fc92ec3a2fdd3e14baab93bf53f8942343bfe3b3c22a9a8afeb97972

SHA512
e751161b29b2df0d6fd94466ca88291d1c44c7bab1c05abb78c7180a49eefc222a45f78911fd7cf7cd2b7de16a2b38dba0b58b65c37179f30964c81636c30726

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db

Filesize
16KB

MD5
4fbf26b7586c8778b0dd1665355084db

SHA1
ab7615e028d2a4c211d03f18ecd8b067b73754cf

SHA256
0d1a418d4f25b43224efb7aced9fd47615a4f470710da9ec229b463bf8624a3c

SHA512
a1c778433b69482962db111863b5b3d6ecff52079c9581943057ce8cf9ccf20a611024afed08f567380df2159154fb78dd5dc705de1765044bb68d57ef8b9d06

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db-journal

Filesize
512B

MD5
3d3018aa984c7315e86fdcb46592f36d

SHA1
d569ef5586a1161935098e2519451ce9af741c8e

SHA256
88dac78af3ed543df1992bcaaa3820bb20f2907121d633cb2a833e303051e994

SHA512
851ee86c80967866d25f89e63ff1ad448008775f9f0f52b45560f1606abfeaf8f2ae4ebc3dcfbe4e87f2dcc5fcdc70118ef1a495045980d6d7bec56c60fd5faa

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db-journal

Filesize
8KB

MD5
f0fc4475ce41d5b329b06bc93fe30d4b

SHA1
9fe64e4f032e967a3a55666578bd08b7a8931713

SHA256
81cb57c2cde014b17782dbba9d787ec900d993aaf02eece9553a2d378d51f846

SHA512
5cbf236fec970fb8db345fb0b897b774e84b3cf45b531357dcd2b7362f46a1f6766752d40a23bcbb755a03e984cdfd964ce437cc481598eed6c76929b54316f8

Download Submit
/data/data/com.android.systemgui/databases/prdownloader.db-journal

Filesize
8KB

MD5
a9d552a4eb92a2c965b013fa7c68774f

SHA1
fe4f46068e401cece95f1579d173578def875f3d

SHA256
21c62d90fdedb713c6b38f0cd98b18c0a039b7762313def46c204b7001c04450

SHA512
05476c455fb4c65c48b847b48008e58fac064c40c61c8c927433bf7c51bd4cca43af56038ae9fa2f11b57229563d501151d8a6bb4496bf489296d73afcb112ca

Download Submit
/data/data/com.android.systemgui/databases/user_database-journal

Filesize
512B

MD5
1bfe1d6554b8c17a486613103205b738

SHA1
bbf1517377601e942ca6e577cfac0c6fc88260ed

SHA256
0aa00f8ca6f0aeff455b4267a025ef07cd7dde5b6c210acb7b1bba1b2800299d

SHA512
0575948d2f5e93453a32292c972a56b7934197ab3d61b4c4a7f5641ba330055929409dbd364a51065ba3c6e7fa991eaeab0ac11f925de6cfc702316a384c24ba

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
16KB

MD5
3602e429a9e0e3b07f72049b78d628c1

SHA1
60f71f9e46d77bde698d0be1ca21b6eda5db7c63

SHA256
44e1f9bd78e276fa0ce71babb28c9bc0a284942ac80fb170b2caf4010ef60769

SHA512
77eb6952b05a7fe9cf1bd663a5dc01abd1097df9c073c513363ea38cd3f143a39ee11ddf0d21bb12edf9f775d56de80e4e49746a445470f1ab7fc9e388f03fc7

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
152KB

MD5
7ab44f688c25bc1ae47f8e54bb650cc0

SHA1
b0fb669354394b847214bb535da7f1c700158122

SHA256
055938afb7dc2a1bfdfb277eb30120c0034b1d4a23f715ba40801d11938d08ea

SHA512
46f76d5de812ee99a7a51edd57525365697aaf941648a007e3288cfd791a14fcbf032fffb3c1b4742261b958ed93aa05e33c8e69a3c9121d4555ec650fc89d78

Download Submit
/data/data/com.android.systemgui/databases/user_database-wal

Filesize
164KB

MD5
9591b0fca8485113a51dd98f9d29aafa

SHA1
ca1d04302650ba46deaa7748dd949b07c3c097c6

SHA256
4a1cdce98fd2abfc47ca3a7dfe2c6fe75a8033385fd3195a922511936aec3275

SHA512
9f1565728e85522273213327ae356a6c962165c24127847d2a3640bfe88dc6c54a3c5a03fef96f46a6e109c51db2e6a15af0ea6deb255625a9caba77d0f7b9bb

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66169C5A000E000113F504C54FA056E0.temp

Filesize
358B

MD5
c4262853f141dbfa6972087773a57aee

SHA1
255801938ee4f9fb5ecf20bb5de0fc7c9a0bb113

SHA256
da6f756af80cc52f0dd2f1196b56e4eb81abc5d0d2b4642e4a4cc6402f826d56

SHA512
dd8bf71a01f74422705f4186aefe47eae014e1f3aa7cdacf7128d0c8b0c927f3689bb7638ac7877b2b7efa85e505a7e014eeb2999865731ffe51141e4cfb0626

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66169C5A000E000113F504C54FA056E0.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.android.systemgui/files/.com.google.firebase.crashlytics/report-persistence/sessions/66169C5A000E000113F504C54FA056E0/report

Filesize
739B

MD5
81a150a8c4f1332ec1582add001f43d0

SHA1
afe398dca54ee16fbb39081e2cc04d74cc249a63

SHA256
2732489a070cf2f16505d5f43c2fd96d01b1b4072927c07cf71c71658709ff94

SHA512
0f2704fb6d354906a2b9439c7e2eb3343f7c834268a236269f61098dfd02eb044001126276cb3c23593e87daaf790b45f22ebb2af556071758104fd34f46e215

Download Submit
/data/data/com.android.systemgui/files/PersistedInstallation4750170649595199819tmp

Filesize
114B

MD5
6a0bc31db6e776aed83f9a94b571b8fb

SHA1
f1b38123d627d616e25e75b4503f8e79b8ba98cd

SHA256
29c2ff76ab77dbd550ec5423e8c03944da27c3f74265a40d2ee949606d13bdc1

SHA512
9b89f5e6584a2370630f757a08b6a19a0b87f99895de49881d30eed3821540f0611e222ab5cab4d6fd440208dd0a957ace6da9b721f892d4be82cfed25576d29

Download Submit
/data/data/com.android.systemgui/files/PersistedInstallation9032718403263471974tmp

Filesize
90B

MD5
ebb2a8aef9effd21c475348a8a32d70e

SHA1
2b3e38b04fb050cf80bfd1afe057ad66b6d4696e

SHA256
3c872cba70b04c9937d324b806fa19a203ab4d17cc2178310f4c31428557f915

SHA512
a7ba65fac1681cbb58e45d5b565ae0c9d7e42836ad3969aa0dd42e49ed9ce5a4b9742d19e77617009c91e41fad5f36276b69216895fe3599f645f3d0a04eb2fb

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
97d821ec611020763add55d5d5c4caf9

SHA1
594b845c979661342ae40b42394004bc96223497

SHA256
ff48b7f9d2be202905543f5426151fd28f15d3ca7e83d043af3adb852eede8de

SHA512
712e525a8951f396141b925419643d90804b494ab703da70fc713da84e0efe117fdabe669d5f486ac242a99887ce49d93438ed43bcfaed690c44ab8534cdf78f

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
17a1c1374046f2437e34feabc631b60b

SHA1
7afdf14d9d92f46ab77d5f3f8fc6ba660f7f735e

SHA256
ca4a9c2d275a8378befe77098c02a3fbc8f60656f2fd2cf105ddf9797fb83e1c

SHA512
c58b5e028a39be532f7b6449732ce3af05b89aa4a6318d40c1865975e91e476dda49aa969dcee584eb1667c6f85572e55262e462b2cb682955507cdca395d9ba

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
9c68b4a56e893a08d582e2b8b27e754a

SHA1
c2b34628faf7fc2df76acce814a221034f4d0c63

SHA256
639388a2d0313af4470092a6489b6ed71183a4236b225a73abbe34a99e440862

SHA512
f5349b506a4aa4ab2e6c22bb2ada676bdcf983e871fc4bb13465014dc6fa2a324c5087da3fe73ccbb9dca8f999ae931846af07ad65268081a26620abcaf7e5a2

Download Submit
/data/data/com.android.systemgui/no_backup/androidx.work.workdb-wal

Filesize
229KB

MD5
9c4e2836e65b62a5d54b1895b085b770

SHA1
4bd86a2edf10b511d3cb15ec58f41dd68ac738a6

SHA256
eb8241b69f9b1f41fa851667c952bc2fd97056e2aa1ec404bb62beb6f5afc90c

SHA512
4ea015322d54882c9bed116b34168df1a8bbd0aaba8cff85eac45509d2d52337c6ce72319d8d6f35f61158a4615bd02df1bf5f1bc5bcc9ca7f09c4f2bc448614

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads