29e10e48615c69ef475ea6f203d30281869f5a1979e1e15b84bd74c0643f76ee

Analysis

max time kernel
3s
max time network
147s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
14-04-2024 21:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

4.1MB
MD5

4f9b84a780b172905aa3bbb23797dc21
SHA1

791e0d2ef94162227d588df66918dd4fd5301c8e
SHA256

29e10e48615c69ef475ea6f203d30281869f5a1979e1e15b84bd74c0643f76ee
SHA512

f5b3ecfc1486ea1c37f09c6bf9ba0e6239885e4a92db589f19ecf31048b47ec8bf575cfb4ef6cc3e74b63bcdcd48e0b6d497a9bcac618bd690aeaba39fdbce91
SSDEEP

49152:xKjjqMqY4nCZcomDQyhFvLkuN8KYn+xETg0pJf2wc8ljXhe7sxkk+j7ZzwrUYisL:+qMqYS5oNyhFIz+MvvXFkk+JQUY0OtZ

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.lyufo.play

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.lyufo.play

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.lyufo.play
1⤵
- Acquires the wake lock
PID:5090

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lyufo.play/databases/google_app_measurement_local.db

Filesize
12KB

MD5
6da302a2e5fc0263420684f38a00e3fd

SHA1
9e1c35e91c3b84600dd8ebc10e072ccb91b5895a

SHA256
a9b2f6227429fd83edc4db9e62c5e3f8c45b55598f7b10c3132d6b339283c8d2

SHA512
6e91d3076e4f382a5e4119e6429b90bd4d604c858acb4914e8b67226f4ad0626e29726e09d12965f075ac6aebc49eb22faf0f5c6a286913aad9515887f91fa1b

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
be4d4db4f44a1d40726c6c31b6c1328b

SHA1
2300529fc16aedf157fbb85db42cc2564b890a78

SHA256
0870d730c89196663a1933f09114d6b6afc2fab03dca4cca9e2316b0b8103f04

SHA512
de8420447b54d4937fce0138a6e7fd78845a5cf843fca4208618c17afefa69d8e27c9fda28f93a6acf8f4ddefb7dbe09432a2d203ea106d4eab2cfcb76f83411

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c4a3580f3d835cf1c4b6240c8740c69c

SHA1
090f6e4f8aeb9967f5f3bb25b46506c8c9225856

SHA256
ac2b7eb49cda8f8546bc1fc4cdee9153a731916de78ec97246efba363d2ae648

SHA512
81c55c8a8ef81d069cd23112549f34257e30c8c2140d9a2f141081fed035e49c0dbb8e9a6fe9baeb8c0203b6f9c0ed0af71d41889739ebd678db8fe7c5504f08

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
71839a3bfd68274d7030f80d5775f40a

SHA1
49b126062cc07898a1494df37982a87376df3644

SHA256
b29493bdf124a69b7a57a422aad3c1e1c2980ab44badec0bc37ca695b689bf03

SHA512
1683d2d955b414c70e0ddbb9a2d6a8050ea2d3b523af28b50be1e973560a3f358ba93cfda307438f6f4baa6e70568425522229f2c3c0a870d4aacd094512d42d

Download Submit
/data/data/com.lyufo.play/files/PersistedInstallation127229095764431577tmp

Filesize
90B

MD5
a62c9a6c94d4c5c4e3d69c365675547f

SHA1
daa69999e5ff83d67732183918052efc7d76ecdd

SHA256
4ac763bf02d621ebf27d44096626c4391f94e9c948a885d48731a5471401a1e8

SHA512
ea6bb35f31e45e7df9ae5314b49afb402eac7156345ec9e1339af0acb0882234e954198c3e7abfad0be8a9e13ca879d201cc71b6b71f82498103171c09e9832b

Download Submit