fca64286dcc254d38eff05828c753a30e86e30bd9018f1484babf7b6a6e96478 | Triage

Analysis

max time kernel
150s
max time network
163s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
17/04/2024, 22:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fca64286dcc254d38eff05828c753a30e86e30bd9018f1484babf7b6a6e96478.apk
Size

4.5MB
MD5

01a8b939b20d7a341ffacd94d9a50a58
SHA1

38dfe4808a529e818106d50e4a4cf0b4c3275451
SHA256

fca64286dcc254d38eff05828c753a30e86e30bd9018f1484babf7b6a6e96478
SHA512

e26ad0da265076c5b36eb4a92f540eeb40b7d1366b53c7b7529a53eb496b551d599e2eb2edbc9a2b30a506f12c4069b0c9b3ae32cb1ed3f9ee3e9d92231991c3
SSDEEP

98304:KyGhiY6MQ/SAtxYu8XU4ggLr1A4mSFJEjdFKCgd2ZrF41:eeSAtxYu8E5eaJs+hFKF

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/cpuinfo	com.nachocode.Godtoyou

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/meminfo	com.nachocode.Godtoyou

com.nachocode.Godtoyou
1⤵
- Checks CPU information
- Checks memory information
PID:5095

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads