Analysis
-
max time kernel
18s -
max time network
146s -
platform
android_x64 -
resource
android-x64-20240506-en -
resource tags
-
submitted
10-05-2024 22:36
General
-
Target
92f211adb0da4cd916dd9f7e74582abe2fdf4d35fc590c99db297114949c5643.apk
-
Size
13.3MB
-
MD5
ad8685363a026eb8a22c8eb507d1cf08
-
SHA1
1e1ac8dc688841052c589e533c4f39d334f9f858
-
SHA256
92f211adb0da4cd916dd9f7e74582abe2fdf4d35fc590c99db297114949c5643
-
SHA512
5d4fb4e8ebfba021fc4cb32c3f2d42c0fcfcde7843dd588b3a3fc3658f641034e27c71deec49fa0e5cc7aac0bad94cffc754b47d81599859c02c922bd66b1e43
-
SSDEEP
196608:Of7U2ybMql+wzQ3CFO0BEetR2kpXPhJ5jWuhM6GrOiJbZhmqH4DxhIlltNgB6CXP:Q7Xyb5zj/ppJRWuhpMvbZEqHdtI6CXKA
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
Processes
-
com.digitalproshare.filmapp1⤵
- Checks CPU information
- Checks known Qemu pipes.
- Checks memory information
- Makes use of the framework's foreground persistence service
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Requests cell location
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Virtualization/Sandbox Evasion
3System Checks
3Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
512B
MD549295d6b965c1f02dbb61402c8b012b7
SHA1a393f889f7544da33f977b71f1b9d573f450f30b
SHA256834f3ab4b6c849d65d61e71ac2334aa8ef96051bf3312dcdc92b9cd43e503662
SHA512abe2c73499210179c2b4ba8f8556971ab3399d3be07bef4283368612ff33452c29218fe33871650bc5cd26afd8b584624fd7960f26252ac1ad1a9fb44a8c4af6
-
Filesize
16KB
MD55416b13a297680267369afd696d6e827
SHA160a0e5338e4c41f1e7fdeefb980e9c60557de887
SHA2567b5b4f72f2b7012c4ba9ce1a0b0079e462a2c412fe9cf597fcce0bbdad4bf5ef
SHA512790c811e69fb944adbfdfac057f85b8b93860a40ff460432abb668042406210f64694e5a9688fa991286849c7069da8c76743ea1b7e797c3ef473d4b9347ff23
-
Filesize
40KB
MD5b538b36eb70bbe9fd6538433760bdc3b
SHA117b13eda0725799ac708589568ae6776ed764a1e
SHA256e4113b035cd89298daedd9679cc3978337f446ea01728c2fbc5187f6f8154cb5
SHA5124e3cac7bbe9c2ad99aefc991a49edd82b7d40f4bd6769e3cdf5e669f68ad90a332f5928150128635ea15567dc5f4a8dde8fa44836165826aa9fc8038433e736c
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5545f27d3d6bb14e06e8c6e9dd121df31
SHA1e32565b1ad037359920d1f15b18bb4aabff22960
SHA25658d2995b5ea3b62c51c8ed11efc20a4748296c077b819f57ba9839e95780e0bf
SHA51285c3153c2da1dcd8254c772b86a7bce5c97e30ffacde2926f03b8ef8b53bd4b0b9d2739a7715df9f0aaed423897a02d1e89cb84d523f28035d600b2072de62a6
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
88KB
MD592be7d013082eebfe4c1e2c1aa0143d7
SHA11a0ce5c417898d2647000f2f5a8202d1258727ea
SHA25699c2d8f179abfe9e1181d46b2e18a287c17d99535e3732f1f3e898a9f9abdae9
SHA512ed6c296b4cf7c6812d6c162e930504e89b1da5fa0fff8c1932c0f9697291b9bc7634804bd6b932e55c7048ec2996986a8f1ef4c6b0c1f053a3ee3023cec4a322
-
Filesize
16KB
MD5c4ac4d01badc38a07e68dcd28aece2f4
SHA1210a0535772d2e020bd14085457987869b1dae00
SHA256822101dea77f5e7de5a32b92a57dcf205cf5a1ab48842cbbf7f1116c1619562c
SHA512d05641f635198cf710c4ad3a727b102669b80d527fa3efa8785ba829d1367702f8fb349d573734a482d3365ecfd1a06d029a664c5e149d3f39ba030995ec10ca
-
Filesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
Filesize
16KB
MD5f861a8a7ac6650b368054860ca47b47e
SHA107a53048afb986b2285866753dfb7f12023bf40c
SHA256ecccb7b224801b808d219479098aaeb29842af615501719479cca279bfb1c663
SHA512d3bea915eb73f7801c82da125b38700d4d9f902593c7b4cfc49eda24f4ed9ed8ad345dfd75a370c9c14dc2f68cd82598b64875297bb9e76a6e09b5736d0f90cc
-
Filesize
16KB
MD53d037d685b6e507466635f3c153362d7
SHA1a9931a291f7f9b5e2670d15e8396c95b77c169e7
SHA2567fec0ae828899b763ed059bd2a6d3ae56dc0fa77e8a7c4e851b29b50e2478392
SHA512412cb8c6aa16f9310ab8a514fffc39b3834877345ffa4e6252623f2aba81a3a4d690667b39d4a50e3ce2b135b34dcd8fc8b3361d11c4c2b938887432aef65829
-
Filesize
512B
MD528462aac2d420952744ad2cca43fd250
SHA1d98d880f399a0b66b985d91c08a2cf1edfe293a1
SHA25669a66bd6c18bd64496e7218adcd9968e2f314dbf719a0599e63ffe4f4f843ac1
SHA51284139d1808d22a0b79a62963535f5646c753cbb3089ed23fbb9b01e39a26dc5c653bd3b4201b3ccb9dfa47ca1f7ce101a5ac771ece8ac885172bb08e02af1150
-
Filesize
8KB
MD5dc2176460314fcfa1b3c72f4cc07bd94
SHA17fd9dd70c13eb0f50942b0249fac220ddf873ead
SHA256d0f4d3bd71f84f9bcbc94960514c8df3d120872f78ad40a78b691b8c26df73de
SHA5121b2a02b6f83a02d6b285024fb36c9f32598b23e17e347c795c0915673610d03b931807aa8946cff3bd48b356d5274bdedd2efc6990052b0f8f17300041b07a71
-
Filesize
4KB
MD54f1a3fa27df7c131cf47623d8212044d
SHA1ab45b780cda65f60f73c4cc915167f9dcc85efe0
SHA2562bd27f60088eef4c5dafe9cd5210bf80a1cd11331b680e608f31ded31d12a9c4
SHA5128653bf044a5525b8d78e770ba1b866428f0e90b4820f6d1479047b368f18ec54d2293fc5089509fd691ec45812e69e7c4e73be150a9f73a2b86d60877fb273ac
-
Filesize
8KB
MD53ad496e21a438fb72f6bb7e85aea4bd1
SHA1d2a6bd09b24609feff1787b37279abf22b2e6779
SHA256de9a4ec2f81cc0a08cce8bfb519f9593acff22491055ee570f68966d9e3e80d7
SHA512df96dc73ec916d23811dc5e53f7e994eb1a1efff43eb0f07c660ba6f44c72f02142e78d2387fff04bbe4b60fdd9df1c294252dc9c261db28aefae1ee61d139df
-
Filesize
8KB
MD5da8d783babcc0fe660908a431a90234e
SHA1f4b8164f27cd032e39d0cfaff5163dd65e695481
SHA25674d19959133fa847b054560fc7c4d648ecb1692581058d8710ab72bcd2e59333
SHA51299d4c7d2b9386ac57445025a33991fb56e42646bfd52d216a063a878da53f94641d283dfa8faa2cadc707859127da4c4fabaa70d3286f878298422f11baba423
-
Filesize
8KB
MD580bfde44318f61a5d376dd90a046e990
SHA1030dec2c2bcb87aeea6bf1e00e54f82151d8501e
SHA2562e7989b8dee9bbeb1d1e3ea1388155c0abb5559975accc6775be18e37e05533f
SHA512d562b83c39b5257ba0f0c7ff4a1413870cf090ed983403037e43c39894d9a8cf416f1cae446616e38e9d4f2b9e8949db9e2993d873213aebebcb2b66387baada
-
Filesize
1KB
MD53e7c9b287d74fd6cfe30e467531be622
SHA1107a87764f2fa7a183e6171aca8b222538f2674e
SHA256fbe9415b074e2bd634ae3da79314af1a6dd6185c45b41d640f7e1a30156f871a
SHA5128c30ac457b04eb67bb3fa4b17594bdaddae7dd789327ab97ff9f7d75675dae8c72d8f37ca82f9fd79dae110c5644a0e652cf03ca134b22cc401d5f3172784e25
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
Filesize
891B
MD56e4f9bc9d2aa13fc242020555e3fc922
SHA1051ecf0d786479ccccb2c2ecfc02e1b05742b384
SHA25686407f4811eedb9f2d29bb65475d2bf326a3d5465cc53f90bd977e97fee7dc16
SHA512a85371c9e2951b650329a59772ba1164244b722cd5981b6b562b984f42a8cad1e74fd58919042c77ccb1f3559b45b360c50cc0c6b1a6f90ad04933217ba227f6
-
Filesize
259B
MD5a37aed62f5f96dc9030cdab73ccbe186
SHA1bf8cac48ba0cb826527a7396a8c2296608b6e497
SHA256bbe8bcc1bff725b60d730bde355cc1ee344cdd12750a4dc905e12645a7c02ae3
SHA512d4edd8b1d0b5c03dfbd6a0d985b9ada08efecaf6c793fb2b0d3ec87b5b168c0850eff2588761c791fe72e73e29989866f40b2af00d920c70f96fb1105cd07484
-
Filesize
63B
MD584a350af18eec872a81e335e879f55c9
SHA11d58b36ed0ddc8487c4ce85aec18ba8e514ff8cb
SHA256227e85da6fe19438b9b0369dfd42e304faba5c23e69854fa2f56cecc6971391c
SHA512f300904399f38218283b68391c41131eb4be1c835d290fcdf23dad662629f4eef102fc4a21fc9b92e57c19f9753a664537cbae87a8fd4d55a35e89ccc14930ed
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
2.1MB
MD547058dbccfa4a0a095f5eb2640006ec9
SHA124dfc38b2e521f230b82bd2f34e92ca6f1e2392b
SHA2569a750f5d23834302b37f79725b46838d92a8b22ad3de87cf1597f2b11e32dc5d
SHA512cbec5ba1c4946eb4750f7e97d08e936f0b7cbcbff08f3de06c637b7faf41b5bc6d922a81f078440d6e3ebd47f39fd433716cc1de25fdbc60d05d7e14f933ec16