093f84e85835034c769563a8674bf7e93312b3621d5a2303e0de2b375b7ad263

Analysis

max time kernel
2s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
25-04-2024 22:02

Target

093f84e85835034c769563a8674bf7e93312b3621d5a2303e0de2b375b7ad263.apk
Size

4.8MB
MD5

0f1ea821dacb7b5920ade69720ac41c4
SHA1

7c517cbf238e9f49f617a0f466e27a9debac3a4c
SHA256

093f84e85835034c769563a8674bf7e93312b3621d5a2303e0de2b375b7ad263
SHA512

9ade8449791a9e653b7a17992165f9ba482f558e47ec3d8b4ceb01536849f4325eda354bf0482bc09065d5ef1e26a33a0428e5a55d1833ae0ee4ea199c873d3b
SSDEEP

98304:2zDfbTLHT0DyjUzbZ3BcVJrFLPRRdE3Mja01IXOrkkAkEaEBVw6:2zDfnzToCSb3cVJh5M3ypIa8ff

Score

6^/10

discovery

Acquires the wake lock 1 IoCs

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.temptation.lydia

Checks if the internet connection is available 1 TTPs 1 IoCs

System Network Connections Discovery

Processes:

com.temptation.lydia

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.temptation.lydia

com.temptation.lydia
1⤵
- Acquires the wake lock
- Checks if the internet connection is available
PID:4234

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

/data/data/com.temptation.lydia/files/PersistedInstallation5260847278335972396tmp

Filesize
90B

MD5
64c5ab74f513438f8e07f92988530946

SHA1
e5c783a5bd9c169ddb19304043ac6d7bbcf68cc2

SHA256
fdc4823aa2ce5a3c0c44c8a5ea34ae81b4aa33876b07a8f27136657a9a8f89aa

SHA512
123a67134792a0fff83d1e2b3f43ed139c2d0b527e926b08165c85735bc588c10186516f022e0ce0b3530b7da0659cf010a2c61b8057884466a91f9e9ea6478e

Download Submit