b0a3827fec23b6984c6a867a520d522c367fad45fa592eb2dad95dbed6adf1a5

Analysis

max time kernel
150s
max time network
141s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
16/04/2024, 09:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b0a3827fec23b6984c6a867a520d522c367fad45fa592eb2dad95dbed6adf1a5.apk
Size

1.7MB
MD5

a416b6a93cd297cfecd95b01701961a2
SHA1

ce1705d9f986b5c9003478905413278006263d8f
SHA256

b0a3827fec23b6984c6a867a520d522c367fad45fa592eb2dad95dbed6adf1a5
SHA512

15ec3eee7f40795af74586d8b94e154c1f63e71fa8fa8dfd8ca0132be80eb8bf271081a109e01f06a63769cc3fe241f84fa9835c94902d5ef85cd689e06947ac
SSDEEP

24576:exxr7bDmK8BRtxmPIrutpMELwExIpckix839GlkJ8rZKRklEhpMjKaOFpiW77mt6:eOxmPIOM2xkcki639Ghs64u4LOtivd

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.thegame.racinggirl

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.thegame.racinggirl/files/6b933081.dex	4272	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.thegame.racinggirl/files/6b933081.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.thegame.racinggirl/files/oat/x86/6b933081.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/com.thegame.racinggirl/files/6b933081.dex	4216	com.thegame.racinggirl

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.thegame.racinggirl

com.thegame.racinggirl
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Acquires the wake lock
PID:4216
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.thegame.racinggirl/files/6b933081.dex --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.thegame.racinggirl/files/oat/x86/6b933081.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4272

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.thegame.racinggirl/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.thegame.racinggirl/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
b5c10ca3c85ba510dde9dcc3c9294031

SHA1
c73307444e6e0228f22ad78648b52bcf435fe2be

SHA256
e1c3f6a72d2bcf66e5f717c5d73e9e25bd7a7eb8152cc0b83970893616a5eb8e

SHA512
bcfbd68c46c5c7cdb4a8e1e6659ef78bfb504b0ce05182f50f16152ceb6cb11bef61b59c9b9d13766334d88387c8c1530fb8a1ee94cf177675f61727a04810bc

Download Submit
/data/data/com.thegame.racinggirl/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.thegame.racinggirl/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
ba420f9078886f9ad4ea3d1b9f4d0c79

SHA1
1ef87c2c091c105f8377b82e319a8718d317d553

SHA256
08b34d841b24a3bc3d0b70d890eb010869bd2bc130405ee7567a3f4377303d37

SHA512
351d9d175cbcfe9710774c938d9ae1a4473709d6dc0674459932e7b97ed83f3d2b86ab64bb83684ded378084b0e4948997c2eb1eabd02de665fc855bf008b1e2

Download Submit
/data/data/com.thegame.racinggirl/files/6b933081.dex

Filesize
957KB

MD5
4aede5c8e7094eff0d568a74612a692a

SHA1
c63ba6654b376c6f579dcd7e92da2a902d333822

SHA256
6bfb86fea8d7cab4ca178fb98a69221327fb99bbcc7d907bf9dad0d5040d1917

SHA512
711751f486806d2b487d443e2ff9a2f76da5b43906510d16f3e96f9b1cb2e1cf9646b5a7cd23f6545c2653fd09cb3ccf8cf8c68595c9f2e208a5d0bea3f0fde9

Download Submit
/data/data/com.thegame.racinggirl/files/Config

Filesize
536B

MD5
926e9b6741f97e16f47ee269a9fff9e9

SHA1
655d9361bd260f5322ed3c6891008e489323b169

SHA256
23891553deeab2d79c054097e07ff24109ff7033d3967cb98f3e27cebca9279f

SHA512
a5cca1b89b14849972d2a641a0c082e162361519d60c1abd0494bf79bf68945d2963c6af7bc144385788ba224aeb46f10614a78244bfe90a1d955ffabc73da81

Download Submit
/data/data/com.thegame.racinggirl/files/Config

Filesize
781B

MD5
4eac16d859da22b7cabe5a78975a207f

SHA1
b1d12e9c482a648036cd6ede31bf8ae038a48826

SHA256
7dfbda2f54c5fde53eeec51d5d95e16765f7b8a1cc50d232ce31334884cbbee9

SHA512
1caf6c430bcc0ddd365e3d1b86fb7c5fcea754159f9f0df78a8eb2a01348be6da5246846a4da9a8af2f5e203e5073d27458c3907fb2c144e9c2dd7584fbc2823

Download Submit
/data/data/com.thegame.racinggirl/files/PersistedInstallation1191493425585528519tmp

Filesize
569B

MD5
cb3085898de7b878f582f001fd0c5772

SHA1
d5a80b6dd32dc804f5ed16a03797fb03f9400d09

SHA256
005c571bee9fcb863967b715eeab220d8cbb3d535d85f90e8547056f1884dde4

SHA512
dc8f4bee991974f2e1dfc0fc2e4a1d03f27d43f08f598847b9754e84082dd1d7db9f155593aaf8276ebc0cfe3f7fe6be4ec41fa54dfc61c5263795f8f296766a

Download Submit
/data/data/com.thegame.racinggirl/files/PersistedInstallation5147688759653964312tmp

Filesize
90B

MD5
e8ca359d2bd2769a49442d8c6f88134f

SHA1
d03cbff20098a73dfd2dd94770d7a7d62efe662d

SHA256
ceee636eab72ee2a31c0deeafbb6eec400044b7ba1438c6c5e2c4c15a5a63daa

SHA512
3a7b0097ccd85cc3a1142a0f23ca2b7c584bb195233cfdda7866960103d894fe8b7d3536b574139aa7981b9be02209a7ed1702af9400049a24b0ec5c021b4a2c

Download Submit
/data/data/com.thegame.racinggirl/files/Timer

Filesize
381B

MD5
182f3430272338000984a2e0693b022b

SHA1
b26ec1a146815b9cb6ba4b7f63d39b296d98b203

SHA256
b463b883140a5541537101f221bd0c61d38c5b58962756711b1fe14399d0a44b

SHA512
f4d665533519a96d4e4a17866b1df4892b902c1db30b378c9300430c61487da3eb5f2e1b825b2385d5f455bee9b5a6deaf8710af839f14a18b5fd6d2e6cb7f09

Download Submit
/data/data/com.thegame.racinggirl/files/Timer

Filesize
381B

MD5
0cdab2f543d1347e239a2d78c95354a1

SHA1
5c3c97cfee95ff22e958fa7eede292ec2239d381

SHA256
ce67d771f9decdc9ae4175ee95d6f2d2826b17bd6a453dd4e3461327e365bc14

SHA512
d848d9b83af520ea3a63cf6dae388379f374945a83fb913899bee95133be51b261cd3165c194b8591cc4383123505d17bf8e5f6a9ef3583f06f51755cbbfbd3a

Download Submit
/data/data/com.thegame.racinggirl/files/Timer

Filesize
381B

MD5
1bc6838a42e499e4f1bbc26b5e09731a

SHA1
d35422e2b870c23ff38dcddbdbcceaa1ef40b1b2

SHA256
d7f0daa91e2a8776450f014c6ec850912e394987b24ddaa0e8134c3ed002fe01

SHA512
2dbe131914df596f416683750079e916b8581fb2ce930b89f9f266e51ba52ecba30eeb9f953027acd8f79550e777b6386026317b43ced9195a36742d8b10f2ac

Download Submit
/data/user/0/com.thegame.racinggirl/files/6b933081.dex

Filesize
2.3MB

MD5
29be0a20d5d53bad5991b580e7db461b

SHA1
b135c775baaa1c19cc87414d33bee896d79bb124

SHA256
2b8dd0f4812429d7f72feecdb5613f5d8d7dc0ca19ca2c637e01b2484768f633

SHA512
7bea9a38098825898603bcaf1014b5c8d69bcc4a8f42b37fbb9390e5d424e6d6656dad609f2d19e7e4f68a3b1a34fbea3b7d0d9e1cc75f88741ffdf4f8fe72fe

Download Submit