e7858e0c3ac80b923e07b79839354a5312cf5aa111ea0ccd761eff679fea3739

Analysis

max time kernel
71s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
18-04-2024 07:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

clean_robot.apk
Size

138KB
MD5

4b31ed065618d2553b64c83127ecf698
SHA1

aa5cee4147e90c362e9f1e804f31af06cffd60c7
SHA256

0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf
SHA512

6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6
SSDEEP

3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sogou.clean.robot
Queries information about the current Wi-Fi connection. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.sogou.clean.robot
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.sogou.clean.robot

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.sogou.clean.robot

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sogou.clean.robot

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sogou.clean.robot

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sogou.clean.robot

com.sogou.clean.robot
1⤵
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
650956f5790780ebe873a98ec3c6208e

SHA1
93d153640b298e9214eca32825ec30b181f9e8ce

SHA256
36b4a521ca7add4a85d3ceffd27777e37c0c0e06c44977492e58657664d59cab

SHA512
9fcc0dd8a702424908286f597c6418516a939038d264c2d31f65dc48fc5b025d7a4c85d85a54dbaf33708b7ccb0c703c2bb0762033a6fcfe7917287c6d307449

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
2c182d8ff4012113b80241e68ddf4794

SHA1
baeec7919e5465b1109cd57a6645cd581b66a6e5

SHA256
7322d2984f846c3ff83aa15a5fbd109c32a747ef193bd357d393fd4f6dbffb13

SHA512
f1f12086dd3ea337fe824aebbad8f964caada9c51e8a91938d0d9ed2cb76af99f3c9183629d76984d1dafa75aae5e082b4773f5eab1a2b38aebfe938be94434a

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
229f19c50391824a991c9eeeb18146aa

SHA1
2b79c610ef17c8b52e7db2d153e384f83e009ae3

SHA256
d639bc0238de3c021542fceb8b22b6e8b86b6c4778eae4001c2ac32bddb12a2d

SHA512
03eed7be4bac5add553a6b5323b14522e2b891d724543f5c83fff396128828029bde298fa9fe058b9354369093d54c9b37114ebc3edbca72ab5e56afe0fdb03b

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
996f9868902eb65f9b40558bc65f4ad6

SHA1
8579b169049c4ac9772af4d9fa3ddad39524e55f

SHA256
008a93afbb9cc37c664d25d7eb534a2e9b8d9817de066bffabd4feea4e27e705

SHA512
3e1b31c4966169a6bcecc54828f64324defed06e762042dafaf93f84c23ca9375b767ea4e08ac4a44c2bb3541c6e1179b6ef7c82397cb7c55a0aeb491d719f4a

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
59efdc565f1f829fd0874183da6dedd3

SHA1
1b086424742fec1439c42f85b03f223ecc7af0c7

SHA256
28e4a796f6405bed4097e9ead6f7b72593b8e1140203f63b0dce47b1f8a9a259

SHA512
4b17a205ad406bafa5f3c21b2123fd08e4245e46310b6ef59ded5b04c9ef3110ecafbba2aa98e4cfa40da8dddb990d176cbde9012d488ee563d04a883ddf22de

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-journal
Filesize
512B

MD5
cf2e57b66a1162f46dbbe2141f4218bd

SHA1
cafa3780391112444abf964c309c2e1a50070805

SHA256
48d57724484b2e7f5df764b89258fa9521728e112a2899912e7072bbddb6536e

SHA512
4724b1b50f5b8eb8a153edef5ec47058c8a35a3f51e5e2f37ebc294ced986a09b775c199c1f059da781e4b50245facc4bf276230379f43cf79cedae94f21e073

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
2865b1f2205957cdde3d43c601f9e69c

SHA1
cc614f488a01ad97e16ee143495616b0b6fa2e05

SHA256
5318b27ddfe4d70b712d293356b6226907883d40be999d46cad2341488ad5714

SHA512
2bc33503af9d3b7a85fef71182285a4d4f3e92b7636a3b992d21e6966a90007ea8cc6c58f6d166ef4bc36ac837dfba2caa170a38fcbfbc066c2ed385cc6a3b76

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
32KB

MD5
53fb53da2dde8a1675a95505a3b1e1d8

SHA1
aca1630ad9f70e2f01c13b46ee88a38407e13769

SHA256
89daf847ac7e4b9404ba2c1f8817de50ef28304a62710181d11855d38be83ac8

SHA512
4b011b8b24f8f0b0a72bf59b47db720790f2a4f5f727346761534e40a4f80a30a971624cb34db74432647c0a078d8afdacadc146c5e18e265f6d8fc05d478150

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
bce03a617b3209f3ba2e3bb09410d375

SHA1
9a5fa7f4c0972e5b8cd40ab3621c617728ff0c2a

SHA256
b857cfec929f05496b3d8d1ac409e803d75fd26822332650df4013fe79b69196

SHA512
efa09a8762393a3de4087069bb949c8ebe7304946dd6d6fe3b0516618f8970a950fc31c7161f03c1fc4f11ca50093d21a7c90f9ac45149dbb9488a0d9e82f047

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
a58190df9725db2026dc46d5e5f2e678

SHA1
6bc69c85b1c38f361c91963c29f03b13f3af5fdb

SHA256
c9d58c7e097d88b4625c2e8bbaf8961129d6e8230502b6486a5014cc1ad5a8b2

SHA512
1cbe5e6548a9461e4e61c09f99122e056afc690e5e388e5c182b9762cd6fd721fab1da62372ab9e213d699f37678e436e996d703c29cc47984c282d81e3a6a3e

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
cf09cafecaaed1e5141b55bea3795db8

SHA1
80643965ec271a59267e676541cb0a22d8675451

SHA256
dc7a496f0a1617dda16c73f5d75d4e04e23273d292c5899d3e5fd3f8cfe04307

SHA512
06d70473eedf3de828bfe70cd9b2d59839676d892714f0c822678e126361ccdedd0673028e05bfbbfe733af14fe9f0407878936023fa44970dd24042bed60e0f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads