e7858e0c3ac80b923e07b79839354a5312cf5aa111ea0ccd761eff679fea3739

Analysis

max time kernel
72s
max time network
154s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
18-04-2024 07:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

clean_robot.apk
Size

138KB
MD5

4b31ed065618d2553b64c83127ecf698
SHA1

aa5cee4147e90c362e9f1e804f31af06cffd60c7
SHA256

0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf
SHA512

6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6
SSDEEP

3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sogou.clean.robot
Queries information about the current Wi-Fi connection. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.sogou.clean.robot
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.sogou.clean.robot

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.sogou.clean.robot

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sogou.clean.robot

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sogou.clean.robot

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sogou.clean.robot

com.sogou.clean.robot
1⤵
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
PID:5036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
09f820c93e859ec750d3d98dea6c5919

SHA1
7f2351d858576faeece6790ca662c8d8e074c25d

SHA256
24a937e220e4145ca69aa28e9f714f0b6c6c7e760a871fde091d0eb803ef2fd5

SHA512
dd339cfabe04133224458d246a210da9745ce7f86d664bd3360741647b8a8a392270404a21201b6ba0412e505d5b6f12e56964ba299647dafdf1cf2aa18216a8

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
35990b11c393140c24dab69d1b696dd5

SHA1
2d271fa3436ca4a223344201d65e8498779d9efc

SHA256
78e60097c4803f280eff83f8969331ea960fef6c05c1bce5a9e2809d000b35c1

SHA512
765af4554df5899d625b2f09748a89755f5f08f03699b97d8e3ef050c166860e961e4d0e87b6231a6193bd819383a83f86f7abdc6bb59250f249ad1322d660c3

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
7362d9da941882c0825a7f5b7f828c32

SHA1
657229c3a2cd822ca9186be6b3289b7d8f720b3b

SHA256
63ab15225771ea817499dceca896353b61f3aaac83d012f71fd6a5c57c989557

SHA512
ac25475922007898c43e046e674cbef05fd6d62409106c75babb8849582d30086de3dbea5349502325da9d4835cbf8e7d61b21197b7638e947834037742e0b14

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
df8ccb1a3e99628452d0cd8c786d1f5f

SHA1
533958ffb54b1e23135528e0e3f42e64ac75992f

SHA256
176b89594882b2c51096ece85842b1097c81cacfa06be7fc12d2cca5645fa6be

SHA512
76a462815559f8aab5a5b85e218b80d18f6ba76d1194a99c998aff49c6b6279e01e207c644658ab6b507a26087dad04f6bade1cb4a818e8fd07dc0e7aa0c9df0

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
6a4406dfe82dd196a36db2d99c6df362

SHA1
fb3d30af7335925a6d226c74dffe551f1bac8055

SHA256
31cc66a8f484574504875a47c19620cd44a12277af86df927c48ee52b5da8146

SHA512
9deb6d63dca2b79156c6bf5fd07710d3098307be22c9b49fe115ba86b64cbf964fb8094051cd8548d7fa73b5a80ebfd884d987ba767482e8c8735b2247920f6d

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-journal
Filesize
512B

MD5
3e807a05db680b70646efebfe1993178

SHA1
47dd976f05034c12b74eb752d8e59c95028c9f77

SHA256
55acb1b06f845545088afcc0e1ac36bd62ce514b18c386b6c3eec622d2d7ae7e

SHA512
4ddc8f21cc77214b0074ab1ac10c33622641ff25b4db4c46d63b9de7e1d87c1fb345bd845932b4e6319e489203acf7d08053b9e140c691e9aef1753359cb1e92

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-journal
Filesize
8KB

MD5
6a6f2eac8658cd83d2f2036ad33d58b3

SHA1
24fc64fafff35f562a3e64104c61d259b6f790ed

SHA256
48ab742bcc0020dbb351703f24f4f73df20c03e7da97a4efd073d513459bad00

SHA512
e3117ec515450ab6993309801ac5b15f537b29b1c137545b02db6b8a62037dac93168920343ddb41cc4578422ce87c19ca888b7c70fb59371e17b14b48f39ed3

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-journal
Filesize
8KB

MD5
ea0298b34f16fc4872a19e4288a5f84f

SHA1
146d1ff90f7dbecc053a0b25df23710190f19dec

SHA256
325be3cdebac9675a88ff0db9e2bec488b4b5d3f81ab11841afbd0bc38aedfd3

SHA512
903e845e9f5cc23d709b3640a2ebcf9a7b104ec29302abcc3d1098062cd65a55d201647c2b47819517aaf1d9677087fff54bc143990712ece0a476314a7f46b7

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-journal
Filesize
4KB

MD5
15cb716663e5580d87566084115e7a8d

SHA1
89fddd138189317581daf8b84abc61554f12f2a2

SHA256
37bc854a7a7eca4d45002fd81691a641fcb9ea060f41e821eaf8f261f947bb53

SHA512
92b912fe788da03627377f7cf6634eaaca179ca06d673125e8a7b837739df2f7ae6864a76ca8f05ba4abd637acdb4daef601888763fb5532b85bc7cd7f1f329b

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
1a2f658cb6bc99c155508758c735ede4

SHA1
2df552d99b603fef880293455d70e0fc4886e560

SHA256
e22014237c0a5b30f568c2c7d1e0efb2c2cdd43fcbeb796c94cb167940a56e64

SHA512
832a6b17ffa82a115d94605b4b171ff4f2d4a00049d43ab73b942286ffd2ce52b3f37d509fc01875b425659d88313477590d7252c03a245a77ecf07e51ca34e6

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
e31ef76daff63d59c5ee003e4dee4fe6

SHA1
15c9a9bf90f34eb8fae6f01e1cc11e8eacfecd21

SHA256
091706f9ffddff6e41b90f3a9edeb565ac0afc519a0f79f5ec7cad7199657ccd

SHA512
14c1e703cb4b7dd02f733300e280df1fd22a071ff6bad22d8bfac6ea84f3b42f6cb2c9909b6fa5d25a905ff0e073da6ccb69e496b2deb1fb2770fa19958821d1

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
e530a3836ae6d466b942e8ef6b9bca0b

SHA1
14e642ae5076ce8c5fb8a283748dd3df88948c0a

SHA256
d79a458c214561f1b149b9a00d7e651ea9db46d5a12ec6298b52e83499ae8bca

SHA512
312f28cf3ca575d3f3c4955716f6b76bb8d956fcfb3630e19eb754758988a0e020272a8ab62be3bc201dc98f86e764a5ae92e9559658c20ccbf8c5dca74dfdcd

Download Submit
/data/data/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
e8a466cc3a53e88bd99230903bd9b2f7

SHA1
9fbc3c929231f708b58f462c17935b830bf8c52b

SHA256
1ef1cf6bb7fd3cf597229d8321efbfecb8747dafe0d7d29f4ecc612b91967cce

SHA512
ff7d510b8dc9f60dfd31cc57f5d9c2c78c650862599df772ab2de5b1b42dce8124a0a7cbb78b0b34cf18b51c644cf8d9e3831e28ff42c9bc9edd7299057d31d1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads