1a5e3d80b1bbe0d7d4dedf1b94e6f1c9a708e1b7b6b94697b8f89539633fd331

Analysis

max time kernel
11s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
28/04/2024, 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vivounionapk_v4.2.4.0_d74cb3a_201808271150_signed_aligned.apk
Size

4.2MB
MD5

3200674229ed57cf762fc3d8c5137b55
SHA1

0896d5f138545dc9ddbf0003518880d745c8fe0e
SHA256

333ee74803ab4b114d6217250623869c751a00f4748c826c19ffcd7b29476195
SHA512

31c96314a2b0d80ef3d6c04c0a6894b6a8ebff7e501fd48499ea0e12969ba4ac00cdd844caf839a16cdcffa5b51ee2f33af36a578dfd450c79c7e2bbc0c521ff
SSDEEP

98304:aQn4W5hESDzkY18DTTcDPPIKGPBhFI+sqFkSOO:aQ4W5hEIkg8DTTcDPPIK+HFknO

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.vivo.sdkplugin

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.vivo.sdkplugin
1⤵
- Queries information about running processes on the device
PID:4264

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-journal

Filesize
512B

MD5
c7a4477fb697f3f617a706542063a9be

SHA1
e395c72daae42655bde0be966b50aa3310082cdf

SHA256
658d086526b39e7bebb3288ef91b4e6975a769ebf1209ac1c21d4670dd802c2a

SHA512
aea2c7999d9276295746aad57d29adae3c7d204f25a55cbc3ef0a1a1c200ec76d47ff2072a3e0aa33716ce470b7db26868407f1610fa9ff2f9a53f7b7b2a1ba6

Download Submit
/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-wal

Filesize
28KB

MD5
f2f11fb6b35301b64debf73a36cf51e0

SHA1
f4c838e70d60c7ec329aa48be069ca1e17983b24

SHA256
b669d92c54bb3f4b72bdda475fc20ffc1d01397d89294681e946cbd366718fe3

SHA512
3c7583be0f53ee4e24be28bcbfd37b92f764777f9efcc70200e6e18814de236c81ea2f745bc567dbd6a4087787ec3d4d66c3487c31a5dfed63a19d4380bf9eeb

Download Submit
/data/data/com.vivo.sdkplugin/files/vivo.crash

Filesize
515B

MD5
bee631ebcc0e2f401dc8ac1da0a8f7b3

SHA1
2ade97e8aaa277b8549cd5c11f513d458f02a75c

SHA256
08ad32144c83419ef3833fee94847254503cfe84eaef435c5db601149dcebf1c

SHA512
fd5755d802273ef2a63fee6129f3eae1c11d8ec9ee75d0c32b06738407e8940be538950a51d07e7d92d971ab0d79d349091890046e2749e22063988fe5ad62bb

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-journal

Filesize
512B

MD5
b75f98b8f3d662a60d5d44841b055ccb

SHA1
ddb855c3705808ef8fd7bb3a32be4781e7fa87cd

SHA256
4fad70284f56d6333524f69e77a88a9b5e7ae47ca717c67f8298e6ae97859557

SHA512
1f40731e2671a6c4a8e73e143c5e3249e5e1f874c75110df803add3af6afdc17de62bb8efb03906bbcfa66a06d4d5f71b5c1639b421fedce4afcef3a1362acbf

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-wal

Filesize
28KB

MD5
7f345cb84e7660af7ae708e134092834

SHA1
dfb693b2c93b6a46161627266305bce07f905fc8

SHA256
259ae2f811723c9b3366c111934ffc8e6670ea140b59ea9649caf05febeb72ef

SHA512
795d0644fe3b6137b3726553265602c4c2b84601e6d522d0ebc37a52b5bcd5f4a3c27b979ce6c597e045a5d80da6f78bb477b4cabefd8e365a4079ced3f20ef5

Download Submit
/storage/emulated/0/.vivocrash/com.vivo.sdkplugin/timestamp

Filesize
82B

MD5
83abef49ae0975e7a5fc34bcf39a1752

SHA1
4c37b316ed212f3c0f3cef1c2a7f29a116165a63

SHA256
d115cb16f6cab304711115476a7f6796471ac8eb3842a849f36b67fa55bf244b

SHA512
c275f4784eb1c1a38a642fc6a9173778401fcf2c1d948d9465b313a3361c1c9f08354bde4b2dba1a2d88aa5c1cca0529487fd15d6541d273586377a53b8d6b66

Download Submit