1352ce38dadd5e7ff5ed7d0a84cb04e12534061e5aef645c650bdd06bd2d5847

Analysis

max time kernel
11s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
13/04/2024, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1352ce38dadd5e7ff5ed7d0a84cb04e12534061e5aef645c650bdd06bd2d5847.apk
Size

3.1MB
MD5

68ee0fd56511f904fc45882f974a0f7b
SHA1

faa1582fc352a495b02de0cd43a9d4c05987253d
SHA256

1352ce38dadd5e7ff5ed7d0a84cb04e12534061e5aef645c650bdd06bd2d5847
SHA512

3e68f71a2849539a1b7176725796f5f5b2023252be82d4b85cace0c1b5cb6555c0e46f6fc694816d68af65d5d9c583ffe46fecc703e897aa41d0d2891b6b3d75
SSDEEP

98304:BRVqKyHGwhXCUzTIDPwMZ6hyoiIm1rZdr4fc/gg:EVmwhX1TIrsm1VgE

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.unknown.god

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.unknown.god

com.unknown.god
1⤵
- Checks memory information
- Acquires the wake lock
PID:4208
- ping -c 2 -W 10 -v google.com
  2⤵
  PID:4357

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.unknown.god/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a0dd1953de96963caa06f7ce8ac36c20

SHA1
c2e7080796a2bb16782dca0afc6002c015c1c61b

SHA256
5473cfe14f0d8815712783220883b96e0e4a93c03b4209ca6d09c37c92ef3bb3

SHA512
9d5a548e7769cc5ed5a7d19835809163d4f80b8f6a375adc9521ec40b0dd1bca60089fb9176639a3369be30bdbe98451103064d69c9163fde8f46a07d448ac32

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db

Filesize
16KB

MD5
70f414f25ea20517990cd3c24ce2daca

SHA1
1df7a9dd515dea168d1246ac46ee1a5b7105d0d8

SHA256
d059fdbb1a59e5722731b7d23d4aa991541ce946c1aa622b42a466dff3dfabf5

SHA512
1bee4810c24aa33d543f8543f4679b6c24130fe17b3a0b627a7e5e41c307209906b9b40753db16936f4a6a3f9e3e6333e4a8d09e8384e94307a4446306d1608d

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b15ed536d70130d241ff4da7ad4175c3

SHA1
ca255c944b4c2f85c424886778b8b62a9be9fde1

SHA256
48096a6df4ce3673ebe93bce9a5cf828a30f17d74249d028f1c84ebdf8dc4ff9

SHA512
d2899ed1c24534485c72ba45b1804623a76194dc9a8ad0078fd10f5293aba61a29f69fe7f3b60574a4fc9b00b0d1ecf324f2c213bd897d536185e7d8ecea61d2

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ebdd0b83d73b25d27341042eb91f0ed6

SHA1
f05408037ff9f22b1dca8c0d6b2f330186fae575

SHA256
2ca28e5a8e555abf1f44d01115dfdb85057b0221cccb0b9cd2c4caf8d85cb76c

SHA512
16a8fa674a6ab41d5fa5839130e5d88c636bb87520e568ccb19266c3c2ae23a39b4ec433524a665770fd59839e80f04284c3835d561c0d40823e541b5d69fc61

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
0512aa528556a97f287154cf935d2a1f

SHA1
92b942795610752b970ea608f5f18452c783838c

SHA256
db5091ebe5b7cd514c749b76cfafdddd4b2d51750ac2a399086f40638ab9799b

SHA512
9b9d6044309f9900aed2e6f799297bf51788ff8326fb52ae651e99659f4b78147cc2599a315ff7c7a51ad44f20662d4ca0d1df0c9de1a74bb42599f9b0b57a8d

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
378764a6338b2b0cdfb2df321b746856

SHA1
e50381e9fbfc6aebb6d6dbc2e92d00f5ddad8152

SHA256
d741d49b2f928a1a219b786dbbe9c09156d1a67527f179c13612414f0a7b84c7

SHA512
0b53dc33482c3009dc246a38a7e00ea84e73f0efc0af42b752db3110a2075143adbd6658976f4b006b095b546703e3b70a2ecf183b58c399a04b13b46088cc45

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
064bf1e5e0cc96933d3ce44b4c3cc113

SHA1
67087fa066db177c9518fa37b5dadd579d5af42e

SHA256
0ed28cccd400655333fbb8cc2fcc966ddec3681983d58866f48e0b385ade0ac2

SHA512
48c9591123b29ecec421f965a261327f9e6ecd19ba57ce125c1e7da048363e08e01e7026866c86273ccd5fa5700b48cc8adf89dc89a5282bb8d12fef6bf1fd2a

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
20615e8ae1e2c2629528ac2976f91c24

SHA1
519410bd9ca98581e3448e677cc460048b5cd9fc

SHA256
22e8924f00b1f59e318e1e384eb2a74f372398ad00caddfaaf0aeee8902b1456

SHA512
c1dd7e7d322f322cc5207b70ff0b106d7ebacf1fae5d1ad636b1dc3feec4701fe096eda8451fde196ada7f76b2f233c0eb0375a6719e5c61f7372d5c24ca8858

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
55a4f7df9fbe8b7fead37552eac7a66b

SHA1
b2c28e5bbca6e205d32c11dcc14c68934fb0e10a

SHA256
d4fb7fcd628fb5995e440b25915a4db0b5e123ae47810a86237914bf6d603d77

SHA512
24cf2c3f687519b98e3a78fe70b1bd897d907558715d7ab5997e19108eed0f1fd3a965b2b218f33568cd4d9699b328a84c5871a89433073cb981902a392f8746

Download Submit
/data/data/com.unknown.god/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
dbe4c82577e10413a9e59969246a7eeb

SHA1
ec7316a0676806d934c194c5cc87dde42dccf027

SHA256
78f2a65fef46fb8d82e0b64815c8c79f5435614dfcff5fd01f19e58ab8151800

SHA512
69d3985b34180856ffa17b7366c318256eefbe8c3ba309620b52d1ccd99dd400f48241837ff12bebd017a6ada550887d48d4e816052dbc7b199d465783b4f965

Download Submit
/data/data/com.unknown.god/files/PersistedInstallation3266529428663866022tmp

Filesize
569B

MD5
ad58cb9055b341914234140688782df6

SHA1
3f224255f83ae1c279903077e78d5966f31805fc

SHA256
4930cc5f66b9c8c26ffcd1bb7d79c983590400c680582ffee83de2a15be18767

SHA512
9e3fec08d4076dd5d23449d633af9ea2b4bf7d9f67f99328df28a941989e7fa07782dc0f6fef1b6f377cd63863f487ed1dadbaa18c12ac281754db935f4d1fc9

Download Submit
/data/data/com.unknown.god/files/PersistedInstallation329421996502314254tmp

Filesize
90B

MD5
b946bf72cda7d42326c9a9a3bb955422

SHA1
ad99ffa128fc71a63be1e347e382502e735c4375

SHA256
5269ebcf9d945158911b21bc59e7f6e3e8fade9edc105432de64519e4a66fb01

SHA512
5ea5cf89709e5c93664fd8ef078adb0b6d02705448ba53c782ba576950df58254ed5d3a467acf29db01cca8e221866461dd632e6221f67bf7a13e8dbab90020e

Download Submit