e7858e0c3ac80b923e07b79839354a5312cf5aa111ea0ccd761eff679fea3739

Analysis

max time kernel
72s
max time network
160s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
18-04-2024 07:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

clean_robot.apk
Size

138KB
MD5

4b31ed065618d2553b64c83127ecf698
SHA1

aa5cee4147e90c362e9f1e804f31af06cffd60c7
SHA256

0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf
SHA512

6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6
SSDEEP

3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.sogou.clean.robot
Queries information about the current Wi-Fi connection. 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.sogou.clean.robot

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.sogou.clean.robot
Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.sogou.clean.robot

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.sogou.clean.robot

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.sogou.clean.robot

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.sogou.clean.robot

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sogou.clean.robot

com.sogou.clean.robot
1⤵
- Queries information about running processes on the device.
- Queries information about the current Wi-Fi connection.
- Uses Crypto APIs (Might try to encrypt user data)
PID:4406

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
92c44d4d6330463d863409b443807244

SHA1
31e4824d4ec1cb33b76e9c7bfbce1065a7cbcafa

SHA256
94b10ffe36c04d98bda139042e929f1cebe0d1bfc3f21d19470ac5e12622e8c2

SHA512
fb7cca447b772b0e02d39cf4e57adc80808a08a516e92fccefbcfec8a434d1c10394f816ab2aca3ec1815f6379b9a75f109dc8f0beaaff169952b5d038212d31

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
4f84ec056a04b00aafaa74b62f2f1cbd

SHA1
4a6c86e79350da51c4fba2f0be23aa353376c951

SHA256
5a5207e4e21419aa194127ea0a0f668407414718e4ce8b7f9dd20742b6d4bd28

SHA512
d7fec66e92eabdb576f7aeecea1b0529c0ef183515dce3656eb9536d37a3276ae6d85b72b7c9f03cbd0dfa232cb77f129b5c0e8042efbe151fd8ad02314a8d4b

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
2d8b69ed4e6062b1578c522b56ed068e

SHA1
a1d87f49a1f1205c4ce8a9ac1ffd6a50896b2220

SHA256
812f87c297c6fbf8a5eb324bae7704e74a3b5b9e6a320f6d10112e49dacda2d6

SHA512
e66f4b6bf73dc1faa2b3366b7f34414b901de964200cb93dc2cdd3f31dcbe0232c8553475c7799b9ce62a9aef40951c540bbdcc7552e8e6ee7cf40b0793cccdf

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
c6556a79bc8b9033481e3ae888d31cf4

SHA1
38d9fae80b8ce22082b39e1ede169555abc5c1ce

SHA256
0cb18297d9d08f38b06cc708705b64823f5e84989d14edeeeb45dd70f68e5b3e

SHA512
987eeb97b54799225cca89b7bf18998be4443b5c74c0d34256ebf9ab2022ba7c227ef0c22e56366a16bd4d0fdb6e46a9be41506efd9f3e7ceff243aa358e9c95

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db
Filesize
20KB

MD5
d6f5217344f198fc69cca3ad4a06d110

SHA1
9d900e8d4e240cbbe04d454a945e531c1133588d

SHA256
1ccb7c1c433b6ec36915f16007449a3092d51f453994801f111433e53b38cbf9

SHA512
20fcbfb0c63b11ec21553e6044a47a072cf42a6e72953913a6653707bacf833032d2291e3d1683b3b5968143ef63f3fccb284f0cb45a4e0910f89b0c2a5bee31

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-journal
Filesize
512B

MD5
b617c581e099f36ce0a91002e7fa15f4

SHA1
82643ca75d683b513a66f90b61d6506333d4fec0

SHA256
db398811e6859bd3964776bb5c0646d134546cc97a10a40ae38472f9d7130cb1

SHA512
058700163b1567b6b62a027297ad52327af3562ad47880027d4a6cb65144432de8583050a037264c38081327a3e99443ec93f59081b35bb77ae06b11eb798ee2

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-journal
Filesize
8KB

MD5
23a9cafa8eab69dc0db50eab37da80de

SHA1
4588ac29f983ac2992b23afbf21a95b964792309

SHA256
1ecc9af126d56ef3820c7aab483e1ae2ac44feb5a5296df445b9148bd3d78fe7

SHA512
da62837617c4992571d00d03a7d1e747dd160087ace11d2a96b36bba5f61238302aaccf2f735c0f880cdb9a7f5e0d0653d7e5a454455ad5db3b0c27190a1cbf6

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-journal
Filesize
8KB

MD5
f4172e9be31ffba8dbf6a549ec7e15a9

SHA1
03af2b69e4f61de7e1d7e7de7ef3ef9299581164

SHA256
8c788d7734d05d431489a5ebdfe6596eef86da69d040982f4e69d3b3cb125095

SHA512
ff2340a530787586c197fa7a0c32fc3c1521651b5acca73eb9b8a4fcc1c8086bd4c41749eba7a08cab2709299b2df914df69ed2a88ae6a9e19cfd8ab3821637e

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-journal
Filesize
4KB

MD5
6eb3a343aa51fb9f7f5b71f4f9dbc5d7

SHA1
6494dc533349955c4d1d8dd474f0b2d0d96692d7

SHA256
470f9d9950cd16e8656082f10dc62e0f3891433aad5ab2b883335834c4bbb41e

SHA512
a2c3e62ebbcb2208344cdff14c7d4e9e4d2a0c8ef8dc754106360896b1d493cc1103db9f27ebe824a0d74fc303b40e33af57a14c55d9b1fcf6e7e400ac19e0e4

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
b8bfdf5d62c9e33452317008e4f44d0b

SHA1
7ef5800a15b3f7354cb1613d208696c15f63b438

SHA256
fb3f21f0c8b32d283143a789f8fe59783eed53596002da959952137c7b490ec1

SHA512
188862b29e4264c6dae589e5c1dfec7a3ddc7a4e7d0f89f4ed39b1866973ce8e9b956c5c419601d6e2ca52716d546b71a5574a3d56f8b0e565d93d5a1bbda761

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
c850b17575401081fef9219d4c795068

SHA1
daa78b98268cefe968342df3d4068350e5dfa916

SHA256
918e8d63f1c9a06cc778aeff7d66f99f9c227a77612b6fdd3a98791c17a68109

SHA512
dc8c7d9d383294f0e2e7fdfef16477961f3e8ac8a836f3f752e03260b13d700e85a78f834d5bddcc37d1a2eb689b0a5027ebffca5303d921113400ec8e4188ce

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
068476aa5d8edc06e3a41f9d6dc872bc

SHA1
6b50992970772ae0ae1493d7f2ac5b54af302ee1

SHA256
a749b5b3b7b17c5cc65ac3ff687ea7aed4d5c5c456d4a52e2ae53a081c361cd8

SHA512
2a4b821da028c8c545c66214c2d0418ffb2e223f919c1cb7c32795fa8a5798bcf5aa1594aeaa9615ea05a7c604172c7b629b96f1d5858b0002f51a3242d968e3

Download Submit
/data/user/0/com.sogou.clean.robot/databases/pb_db-wal
Filesize
8KB

MD5
2bdf1db84098e2cd4902e3a0f260a347

SHA1
ff845570fa796c1f8accb3c43f7dca4c5afcd016

SHA256
065417ae2b79ab3f54227263d65f9d5b102ad2caddc4804d84a8d993ca05f95b

SHA512
e16aa502fd8ec80d1cb20cdae20ded8f8ddc79dc1d8a80546e1cfe3771e64706ca2c6c8d746c915c6d6a07c28888f84fb59ffb7607dc138dca5aacf19baa49c1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads