Overview

overview

7

Static

static

6

virus invisible.apk

android-9-x86

7

virus invisible.apk

android-10-x64

7

virus invisible.apk

android-11-x64

7

Analysis

  • max time kernel
    156s
  • max time network
    167s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    21-04-2024 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    virus invisible.apk

  • Size

    1.7MB

  • MD5

    789a4f14dcba5d270730ab95f0cc230a

  • SHA1

    f377d584cffb7d263a71bb66315f13cf130f61a3

  • SHA256

    7281ef02bb73c92d2245645ac1a3b08966719457fab87e74a4463911310718b6

  • SHA512

    9a99b00158759599ebdbb41926c9948a428c2c72bcaa4a98e407ff209e12d7e217b08217d0ddb13d2735ca20580d72d27ca23343cbb8c8c9709e898094f364b4

  • SSDEEP

    24576:kHeVbupUASUT4vcOwxBSHu2ajHf2xg4MLL/UFvhiOZyPa0lHNzde1Ej0:0GQ94knbJTOxg4MsFv0kEl5Nd+Ej0

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery

Processes

  • com.tankbattle.games.free.nearme.gamecenter
    1⤵
    • Checks memory information
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4533

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/2f721622.dex
    Filesize

    1.1MB

    MD5

    11aacf1657c9733c5b9091c01829fe1b

    SHA1

    414d116a1ee0473c606b58da44734f8f1c391006

    SHA256

    f1a671bac898e7993232dc8a4c0f0348a0c56a7c495b509f5aeff3b688b5f4b9

    SHA512

    f0270b324d5755b7716f4439f5dda57e723e093037c28879a2f580ca11fcfc826251033d96b83f9da0b4a14369babf0b8347e8c4290e803deade203bc1a71502

    Download Submit

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/2f721622.dex
    Filesize

    2.7MB

    MD5

    29c4f5590d6d094b0be5fb343e705aeb

    SHA1

    e2adf655fb4ac2500435dc8fdc8b8b2dd3b6e052

    SHA256

    586483ad23d52d083a3ebac2e3f17280624c02bc1003e3858e0396ae860e7f41

    SHA512

    9d8aeb86f38189032c9b9d75c1b0587f6d8369d18a0ba8e58ba50dc2f571993f806553d9c93538644b1d49ac9b46af10ee3643bde8985b8e04a0805989cff124

    Download Submit

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/MMK
    Filesize

    735B

    MD5

    86784fd61b7a6c2bc7c3ad55e035841b

    SHA1

    a9a515def6b6ce46d6d2ad87e71bb29535b763fe

    SHA256

    9f1e086ee61f3ef7e93fcc4a5302fc41cbbb0f0893603ec84dbc471f7986a98c

    SHA512

    4d315d0277440eafbbe3c7dd0f783904d7a0ff33ddd26cb6393360bbbf2db61687992c9a6fcd9663c763b497b9324b0536aed682d8fdd78e24b838f095f5b9e4

    Download Submit

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/SbHZ
    Filesize

    229B

    MD5

    e0f4a035c8a9d86109023fe34d093425

    SHA1

    912067cae053abe80444f4487ea728b4b3bac48a

    SHA256

    02c3f954683b2f2a518bd6f484e80a61617d74f85e20375cc13fce166e6da736

    SHA512

    ba5dae64c830d039e0cf6069184a45a9db96bba53f9bdd31a1c017916b36c42b8acebe9c779cbbbbd1f11c8afa13ad622b1e17a69d27c657e87484d4a7b3fba3

    Download Submit

  • /data/user/0/com.tankbattle.games.free.nearme.gamecenter/files/SbHZ
    Filesize

    229B

    MD5

    53c39c3ce68d4197d9e570dcfba37e74

    SHA1

    69cf5634c2edcd5e2b1cdcbd613ce082a27cd876

    SHA256

    f6e278c2ce2d8965726252e767b4aa566d666dd8c81ff8f15473649bbe8cf116

    SHA512

    ae337a7939e65d2c685f82fa8d3aa87330bd1911500bcbf0795089d36a66591a08839525428dd836fb4a38ec161443aad67817194b6dca2b408b52409bafc191

    Download Submit