9303efb3b2309bf0bec3c1f99e7fda71284a16b4bb87d20260c80bff1070b294

Analysis

max time kernel
128s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
14-04-2024 21:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.7MB
MD5

e9e638ebaedadc758bff4463054f584b
SHA1

d051ade7bcd1f1ddea436bbf7ff467213c1677cf
SHA256

9303efb3b2309bf0bec3c1f99e7fda71284a16b4bb87d20260c80bff1070b294
SHA512

ac38c80a634a657a9f51cdf9aa4405c8935db8366aaa71a58a526e26e3fbf9a721ab6d04f4d74595ab2474e7edc1a29065ba6c5ac97af5b15669d483df120bbe
SSDEEP

49152:p/TD0v7Mprf6jxWCK1k5P2FWYYEkNrB1T2auRy2qivCqXL78p65b8dMIUEVuQ6zI:xX0j6U06P2yNr/2auRyZkCqb78pVuMBV

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	vip.app.com

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

vip.app.com
1⤵
- Acquires the wake lock
PID:4180
- ping -c 2 -W 10 -v google.com
  2⤵
  PID:4227

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/vip.app.com/cache/1

Filesize
4B

MD5
b326b5062b2f0e69046810717534cb09

SHA1
5ffe533b830f08a0326348a9160afafc8ada44db

SHA256
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

SHA512
9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de

Download Submit
/data/data/vip.app.com/cache/2

Filesize
690B

MD5
bdd89b9d5f598ff13f4d9eaecfe86033

SHA1
fc4926068a2c242847710dd623f0a60e3b405e70

SHA256
cf40a58b3b009116d3469ebb16808827519f22eb6216aa9dd2740c389199ea79

SHA512
f74423fa0d082f4e011c3e60abc2f81825e872e6a78ee30d9c4a7b2b357f4cad0a4921789538554194cbfa4f3a9d99713676cd29f7941bcdcd4cc891455b4b88

Download Submit
/data/data/vip.app.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
59a85440eb144f3deda0d71e306e129a

SHA1
e7f82e5d3c71e701ce4c2e8519d8bfe58232874e

SHA256
2a087bc2d51f6f5780b8e80280473db3f190aaf368f07314afbfe812e88d6c55

SHA512
611c474cff5e164ab89ed20f82de9314df7f8b029ec4631f0f2409ebcf3973de864f9cc17610a58437d02860051ae0e73344e5f7c4e889a4aac5c633983477f8

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
deb9d1ada50eafd05c3fd81c6bc411c6

SHA1
6b5884c86d63eb56caddecf8760d261d4e5e4536

SHA256
1391e606ce5fe7fc9ea72720764f096bd0fbbff55d02daddd767f354beb565a1

SHA512
72403f4b4a48bcd5fbba92971e2cf37dfc94809670270886e2478e3a3d3def39dfab8d27df4f766cf385f8459a02b9149bf7895e90070056c5ca714659d04437

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ab4856d89ce4542404b031a32672631c

SHA1
edb7ed606adf41e0ddbb0f0ce975822eea31a3d6

SHA256
91baa0ca663e48934315c04fc6da4cee2d320130d6a02e82f1122389117458e0

SHA512
fef3f28e9e0160aa67db932a080587b026ac958af68e1c5a58b3f5cf2687aeec709af6519ae039141004aab9a4cfc99d7ce69c68a66ff6a95fe03e6056f87c64

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a85fa656ed289c83294e8fa131c6061c

SHA1
04bc38956358c8fd10f5222101db98411f9dac37

SHA256
daffd455390032cab870ff402d6e5ce1cd91f64dcbd4497084f617341579f6bb

SHA512
b46556d39e325311f5cda51290675db776691b7537b045624ca72a105fc33e536e21dffa084873727c89627414cc69d7116b8acbc2d2d257711f02825bbecf74

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
dbc30417cbde9feb350e85bc0423e0b6

SHA1
77eec0ac56704904f1ac7ec3826a36b912aa02de

SHA256
d24ccf7ef123e97903ee352ec3aed0325a387dbaefe98380dcbcef079cd806af

SHA512
ce019050b7b4176f4f90295c9657381421c2dbc02c8a818a058ee2df8ffeaa008120e41d3eaf0208bebff237befbbe64639f3fe107abc9be927b4f34c06fe55c

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
47db7c6c7057144ee66700378352d97a

SHA1
c053266a104a0bf9d5f2bf7f2bd27919593c9840

SHA256
b348b180613485290cfbefa513932adfdd150ba62e892310cfb8bc7c8dddb1b2

SHA512
11096fd914e90c14c0d1e56254e1f9176e89902e6873549993c13778e7c8784729454e8426dfa94b2fe0fc584f016a759f278d8ce29b018609bb3b4c7aef86ff

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a1056e5b253c6072aeb4e103b9c24733

SHA1
ad244031dac9a27a9764c9e49ee852ab144babff

SHA256
a1115e164b49ff65272261fa8e8f31e0ec52163a702618960054f65825fa99cc

SHA512
7285b37b6d8ba58da26462d20fd77c2aa8aed428c41ac584dc298a9877fec0ae63a9cc3261cc2293a6c305b03e4b94f44ec4d70ffc20e33e14fe6466da8ecaf2

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d73b1e5c487dfbb9bfa554cca8dfe9cd

SHA1
3ad0460523c70c143c3f4ce5b3d12153cc64dcaf

SHA256
56fd8efa6540b6b4a0e5fb10344fb1a8bdcc3eb5c33f3828033f4293a6e77867

SHA512
addbe6937af258ec25e70e8126b73319c0ec27e93254a04e8098498b3f8751951fcb54203e47e2b4f97bc12089989e4c7073598d25ab4656328bb21fae9e6f4b

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
6e412e738d47f0e049b95661c73e8f2f

SHA1
995fb4b3be3f8f2e59832231a9779c3e72ea0575

SHA256
3a100b9e6c85368d802ce06124a2c0ccbc7f0d599fe805a1b9103d5801147330

SHA512
29a0715159b065b698ff4a223dab89e677c45804ebd82518fef87f74b484997b3797ca3f09be9a1b108ecf7be7ca36ac650f6c3c08d70fb1dcf626a818ff369a

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ae18a584ff4d455d1aa1059aaf5f3449

SHA1
e8b9af822f404eac345c99a33698bf57dbb473e0

SHA256
e33cf6a1ea31347fd2b2f5771f63dd487b71d31574ada395ec6ca32f2879a713

SHA512
1b3f3f3db96182cd546394c2e05dad20cc9fc517a1bce2c01a5d8ae2a5e5481faae5fbe49d927af92328488a745f2b167ec09ae1018acf7c04f2ddb436ab2852

Download Submit
/data/data/vip.app.com/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
be554a2c2355d5e91692d970c0fe7d4b

SHA1
e27a735d4378a00b9b6348720fcebd657f0bac67

SHA256
3f2539146e57893686dcf90e7070143cee3fa60001d308cba0f6077dc00584be

SHA512
bffddc734bb02df95cdaa65be3878a8794d44e5abca7cb014be228f02859b35ac16815ac2c854765adca015d3e8011b6e73ae69f61a4fbee3a4e805e02eeb497

Download Submit
/data/data/vip.app.com/files/PersistedInstallation68260045229595465tmp

Filesize
90B

MD5
ef4fe9ee91c959a0f9e33ae2a23667b4

SHA1
ba28318f692d5f8d6978a9ba50504701cabc1080

SHA256
bc98e96532db943822a423582c6e993fa72fe267339eb26e273a0f116e9517ac

SHA512
136e1c7f80c7f6801733a4710ef60a5d1476086066a5f810e9356c7582cda9917907aa9ddcc290a00d9c94827e8bbb952a6b24e4dbd68aadaee80592ac8d3d94

Download Submit
/data/data/vip.app.com/files/PersistedInstallation8873141100037582937tmp

Filesize
570B

MD5
650f25582c4abdc739200daf61e62fa7

SHA1
666a9d7c2387f130d2eac65ac15f828bd02998ba

SHA256
be60571f69e7734a6ca7f719378d7c3fc8e79daa95d11f9121a794336f789376

SHA512
935487594b640407582e6b818288ba472ff97bef4a13df7d406961411377d65afe6b34f38731d64e48043e2830637968ba5a6157f21f485854c7c69992baab69

Download Submit