Overview

overview

7

Static

static

6

virus invisible.apk

android-9-x86

7

virus invisible.apk

android-10-x64

7

virus invisible.apk

android-11-x64

7

Analysis

  • max time kernel
    36s
  • max time network
    39s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
  • submitted
    21-04-2024 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    virus invisible.apk

  • Size

    1.7MB

  • MD5

    789a4f14dcba5d270730ab95f0cc230a

  • SHA1

    f377d584cffb7d263a71bb66315f13cf130f61a3

  • SHA256

    7281ef02bb73c92d2245645ac1a3b08966719457fab87e74a4463911310718b6

  • SHA512

    9a99b00158759599ebdbb41926c9948a428c2c72bcaa4a98e407ff209e12d7e217b08217d0ddb13d2735ca20580d72d27ca23343cbb8c8c9709e898094f364b4

  • SSDEEP

    24576:kHeVbupUASUT4vcOwxBSHu2ajHf2xg4MLL/UFvhiOZyPa0lHNzde1Ej0:0GQ94knbJTOxg4MsFv0kEl5Nd+Ej0

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.tankbattle.games.free.nearme.gamecenter
    1⤵
    • Checks memory information
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4300

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/files/2f721622.dex
    Filesize

    1.1MB

    MD5

    11aacf1657c9733c5b9091c01829fe1b

    SHA1

    414d116a1ee0473c606b58da44734f8f1c391006

    SHA256

    f1a671bac898e7993232dc8a4c0f0348a0c56a7c495b509f5aeff3b688b5f4b9

    SHA512

    f0270b324d5755b7716f4439f5dda57e723e093037c28879a2f580ca11fcfc826251033d96b83f9da0b4a14369babf0b8347e8c4290e803deade203bc1a71502

    Download Submit

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/files/MMK
    Filesize

    730B

    MD5

    bae39400b063eb6e93136bb7a841e2fe

    SHA1

    c1415b2690ce0cbd84b6f1f8b46800cc7d562afb

    SHA256

    3b78c4e2bd5969593c90f180f6dcc0a13be4fc9582dc987c137255f20a1b017a

    SHA512

    4e62faeb56e3ef747211a7496499921cd3fb8504631888371be38b2f88026b8f921906f01d3eb7c78411b479fb139fb88b26f15e6bb80fa81155abe5fd05ec94

    Download Submit

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/files/PersistedInstallation1090414981344850995tmp
    Filesize

    568B

    MD5

    c77637dffd379bdfb74e9319841e73fa

    SHA1

    59f838a245ea3b8f2a6e4880bf924292d30a712d

    SHA256

    7daa4554198af5e3aee49cdbe859e1bdd9d5f3b67c2ab81c94e2f8498be47ecc

    SHA512

    c0a8eee42358f429d72a6499bb5af16bbf091d5c688fe840f96934f8eb2e99505313714029cd0eef6b6c54b160f9a0c3e1770c8f983a3fb82eb8d01152aa2f5c

    Download Submit

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/files/SbHZ
    Filesize

    229B

    MD5

    c487ea5eaa9bc8a60a5aeb66d68c9d81

    SHA1

    0415cc60fc096ec4ca0aaef90f723c2554d97285

    SHA256

    dadc916bb1cbfea899ddc68481518aaf6033c9f616c7c1c65cdd9fc46cd22aba

    SHA512

    6270340dc51b69fd7b6b45487ca7e9825bc9a8fa67c0e9966af51494497dcfadcae479040a0e1d5abc845e6f1d744316f2cdffaf5f7254c9a601dbd85d63692e

    Download Submit

  • /data/data/com.tankbattle.games.free.nearme.gamecenter/files/SbHZ
    Filesize

    229B

    MD5

    3e7e8383b7322645711a401620709e29

    SHA1

    fa6472401f563ddfc637347b8a8f5de23cef3bed

    SHA256

    f4ffdec16bb04f38731a67b7adc9ca5829e8021ff76c00a3c1e22c0e20de1623

    SHA512

    a7986a2a3b6f00afcb7d0125ef47c543c781ce73424373eb6afb203d515f1e13cf96dd79a9a2acf16e77a11a333699a839a8642c995a000de6a081713b321f3d

    Download Submit

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/2f721622.dex
    Filesize

    2.7MB

    MD5

    29c4f5590d6d094b0be5fb343e705aeb

    SHA1

    e2adf655fb4ac2500435dc8fdc8b8b2dd3b6e052

    SHA256

    586483ad23d52d083a3ebac2e3f17280624c02bc1003e3858e0396ae860e7f41

    SHA512

    9d8aeb86f38189032c9b9d75c1b0587f6d8369d18a0ba8e58ba50dc2f571993f806553d9c93538644b1d49ac9b46af10ee3643bde8985b8e04a0805989cff124

    Download Submit