1d9871425ec0e2701967381e9700acbb4f0cb2a3c5c3c60f25116ac9ba0524e3

Analysis

max time kernel
20s
max time network
134s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
13/04/2024, 16:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tiktok-Pro .apk
Size

2.4MB
MD5

5bf513f7fd5186eaa1be8fab370bd510
SHA1

ae0fe8d9b41b9941628f34a06bef62faf5741727
SHA256

1d9871425ec0e2701967381e9700acbb4f0cb2a3c5c3c60f25116ac9ba0524e3
SHA512

7e3c2ffa5377e4f2ed532298e0a15d683756a5b2f07a1c4a4fe6f89850dc0c9ecdd4ccd065623fe9bed573d86c75664e0b6db7cfbdf472ba4cc7a10f0c5f29c5
SSDEEP

49152:fg2An8lMaux6jVMCpctcRmLhkEdVMoAeMUKuG2n5rwMhwJ:TlG6j2m0eEdVMreiuGChwJ

Score

7^/10

collection discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.stdio.tktk

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.stdio.tktk

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.stdio.tktk

com.stdio.tktk
1⤵
- Checks memory information
- Makes use of the framework's foreground persistence service
- Reads the contacts stored on the device.
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Protected User Data

T1636

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads