1e7db2759852e04e2cbe3b68e7490489f561b46cd693e2fceb4a61c15a732b9d

Analysis

max time kernel
149s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
29-04-2024 05:07

Target

Gta.apk
Size

720KB
MD5

6b4a2a223eadda8e24b39456dfc51e71
SHA1

ad4cf20ad940ea309fbe8688407c4e4790ef2f3d
SHA256

1e7db2759852e04e2cbe3b68e7490489f561b46cd693e2fceb4a61c15a732b9d
SHA512

7d0585d3423b1e6a4f3f96201267debd05f36b720040c51e740dc1cc819c9458ac674b6bea402261956408a08d0503a39c8354f1e816141c8005c155bea0986e
SSDEEP

12288:/btZ7ieCoVBaUt+aLMwyJH9xwBZMIg4z/usT3cgtN0Fj2C6M6Rq21lgxStWD2t:/5cIVsaKZ9xwoIg4z/HT3SFjJ6MGNWLk

Score

8^/10

Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

Retrieves information displayed on the phone screen using AccessibilityService.

Processes:

com.semi.translator

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.semi.translator

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.semi.translator

description ioc process

File opened for read /proc/cpuinfo com.semi.translator
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.semi.translator

description ioc process

File opened for read /proc/meminfo com.semi.translator
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.semi.translator

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.semi.translator
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.semi.translator

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.semi.translator

description	ioc	process
File opened for read	/proc/cpuinfo	com.semi.translator

description	ioc	process
File opened for read	/proc/meminfo	com.semi.translator

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.semi.translator

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.semi.translator

/storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNC0yOQ== .txt
Filesize
32B

MD5
46bf0bbf0abc12118b576f676f78ec6a

SHA1
d1eaf7ef1de95dfedb7da171a2723770c41eea9f

SHA256
4de2fb57ffb12fd8d9cf3a5b359e2524ac94604e69067e5ef93c3bd35d4da801

SHA512
b2976a751a7ba9fa9a698cee5f3c319cdc774f39a953a86ea671856863fd9e84e1b72f4aa1107c4466399fc55522015ea0b36453b2c152a5b2d4623ff43bb12d

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNC0yOQ== .txt
Filesize
24B

MD5
6d2305ffd70dc5c3757147426ecc7d2f

SHA1
695312859c08fe33aa5158a2860b8af9b485b132

SHA256
5a7a6422c077bccd091b7894a5efefcb680da0dbb09cb0d440b60f98f9f27b67

SHA512
6d67fbb57a06d966a70897277db9599996fef51ab8d7b600f14c02b94a7e76d080eeb30040f9ca6442b17f0508f8cc165467bf0def6bc4ecfacc6c157ed39a8a

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNC0yOQ== .txt
Filesize
24B

MD5
29c9a7f7fd7bfc854dcea30683ef40a1

SHA1
64edc693130136957bd9053b5eee651912df6b9a

SHA256
4e732bb8a01846ab7501f5847889eeb8b359acbc3ce5fc71d53a47d2a9ae0b6e

SHA512
85285cef04719745b3bd622d158a8b718ee4d8c9e8ca29bb2e2891cf9547d48dc0c1b7430f90c53da8a478c2e36dd77e0910c7c5b668ba160fcfda6e31033900

Download Submit