29e10e48615c69ef475ea6f203d30281869f5a1979e1e15b84bd74c0643f76ee

Analysis

max time kernel
3s
max time network
146s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
14/04/2024, 21:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

4.1MB
MD5

4f9b84a780b172905aa3bbb23797dc21
SHA1

791e0d2ef94162227d588df66918dd4fd5301c8e
SHA256

29e10e48615c69ef475ea6f203d30281869f5a1979e1e15b84bd74c0643f76ee
SHA512

f5b3ecfc1486ea1c37f09c6bf9ba0e6239885e4a92db589f19ecf31048b47ec8bf575cfb4ef6cc3e74b63bcdcd48e0b6d497a9bcac618bd690aeaba39fdbce91
SSDEEP

49152:xKjjqMqY4nCZcomDQyhFvLkuN8KYn+xETg0pJf2wc8ljXhe7sxkk+j7ZzwrUYisL:+qMqYS5oNyhFIz+MvvXFkk+JQUY0OtZ

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.lyufo.play

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.lyufo.play
1⤵
- Acquires the wake lock
PID:4421

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lyufo.play/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f1127251f5d3de67cf433c29a0c876d3

SHA1
d2bab716f50eed483d3ab974105f761988bc11bd

SHA256
6459e1cb6da30edb98d2ec184c5987f534e575427c28577a4d344ee761b76007

SHA512
85231e17d061221bd9da4b1c1e6629a6864892ccb36acce3eb3556f1bfb06fe255b86b7a1ba9264f37f6aec51bd0056605ec2ea7c7da2d0ac68237342fb2d967

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
a3dfdde711d94908c3e1469bf60e7e5a

SHA1
0ff51b3d2f03fa54afc530acb5b2a64e2ed175fc

SHA256
7b8e32389616e36a64c4351c75558dddc549bcf61990e8fd1dc350e172565b97

SHA512
087e3132962907c1dce08cb4eccd2ef216b30c10fd9037a3a64f946ba89eef0d2e2c5fda7826f598df3965c4328b5530be942060bd79e1b0da3e257ef59d0e12

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e5c02cfae723a8951a7f132bd00315c4

SHA1
0f8655dd8085f63bbb72f80c463ba7807f290fca

SHA256
8400d2a73d16d460d5f1474aef99e2a9aaa5c66cc79c4aaf67966b65cf2da2de

SHA512
0166553455a6c871671071972c9dc33387467c4cb55a954425a6fba40d6740e7e5c03ef8e31306553f7c97de9b89909dc44a729142498c1f6fad6e337e463007

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
a81e6c372d5397e40ef2dfe8cc4f2a2a

SHA1
0dc9fdccb63c5387545e41594c41282fd3e839ca

SHA256
d81c00420b11429bcf16c100b03318ab29c75f65811a0865e1176e38fdf2565f

SHA512
a8004b542681db38e6c52565870c4638fc821689c5bb1f910923d0152960ee2c521cf05ecc5920e25d725116e22ee9469f39581c0d93d07e3964d66c899ab6aa

Download Submit
/data/data/com.lyufo.play/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
58c77f82d71fccf9d103466fc1b2a75f

SHA1
d148f95a651b4ec78e0e41178cc01e9c85ecbc8f

SHA256
89917b5bef48ec6e4786665eb6d38375748da2290782bb79b9504cc3f3e42a8b

SHA512
c83843c0cc25ea33356fb0007a0f984156df2c5fa8b50449f0e8d5a7d80204d82bd127b8cc8137802054a8de67a398d4480552fb591aad83338b6a3eba291ea7

Download Submit
/data/data/com.lyufo.play/files/PersistedInstallation4106098621211968504tmp

Filesize
90B

MD5
c53345d9709cc47e2ddf2e4309abba0c

SHA1
f599a03ea22676f52e8cd0a4809b42cfb02bf7d8

SHA256
ad2f98913abe0492668e4b6badc1087e3090b0659b00897456d7d029d320b32a

SHA512
411da02b9bf89e993984dc1041922c9abe3d889bea86911a0bb23a7c62368565eea806bf7fe155c34c836ca39cb3941107e25fa24be68bd4e8991a01112c8744

Download Submit
/data/data/com.lyufo.play/files/PersistedInstallation4740348686753832927tmp

Filesize
568B

MD5
97b18edd94745acfa8f46357609328d5

SHA1
aac795d8bb8cc47930ba6ce62d692b9db911a73f

SHA256
e53db72957df349ffcda3b66bde8137c2b6c3cede2c8f2a1dd1fd2099fa34907

SHA512
d0b9ab7d633555f89f56e3141b2e96c915c4b2d333bf5474be6938c2c582ccdd1637f0dd5edc4ed4dd86a981f636ec9a709ba219533644eca1ab804455fb9c20

Download Submit