fb96a98c14c077156a74aadceabc2e518f6c167eafbb9d4c1cfca5e6431a3917

Analysis

max time kernel
21s
max time network
155s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
11-05-2024 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sony3.apk
Size

6.8MB
MD5

9587cfba1adc9c42bbeeac6ec60ce23a
SHA1

e1a5a3d8377b78e8afb67f87fc9c4696c928fccc
SHA256

0d236b95446c1dcc52359e9121f5ef79133ca1552edb3d4bc0230867b5c6efe0
SHA512

cf94ae910ffc4a8acd1feeeb0479e53d64c6651eec8f8e1969e084530d18ce284f946b57a4438b61bed81e9ec804206fa63e37c0051eb0952b2fe2f3923b183d
SSDEEP

196608:zK6ASF5LzDf3anTfC4FFPxhdCJ7tCHfWS:GdS7nDP9iCYX

Score

8^/10

banker collection discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
collection discovery evasion

Location Tracking
T1430

Geofencing
T1627.001

Processes:

com.game.top

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.game.top
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.game.top

description ioc process

File opened for read /proc/cpuinfo com.game.top
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.game.top

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.game.top
Acquires the wake lock 1 IoCs

Processes:

com.game.top

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.game.top
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.game.top

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.game.top
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.game.top

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.game.top

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.game.top

description	ioc	process
File opened for read	/proc/cpuinfo	com.game.top

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.game.top

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.game.top

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.game.top

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.game.top

com.game.top
1⤵
- Requests cell location
- Checks CPU information
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID:4190

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.game.top/databases/OneSignal.db-journal
Filesize
512B

MD5
051d45da5270534c2abb8c35254ebfb3

SHA1
8f2c0fc50a6f5f3ed20cb620dcfb3c3eee4b4fdb

SHA256
a5e4bdac09d6f626a0e499fa1b2a1bcf3a2a686f8d0ccb14baa2b9368236b3ce

SHA512
9aa75f8c4e6ee9c162a8e91a2c07b37d607eafab958860fac1ccac945c83a64d19dd39a70265fb3921b2895d299c0970feffbf579524d8c7f26f32e1dbc53033

Download Submit
/data/data/com.game.top/databases/OneSignal.db-wal
Filesize
32KB

MD5
169a9ba1794b9073cdb6b73db3edca9c

SHA1
d9d9ef9bac095fe5eb7e1aadd30fc440615dc89a

SHA256
0843ed234c3baad308c487f40cfac73a557d922bdd21ebe2149aa65cc28a9522

SHA512
ce8eb8a527fd7247954903be3cf75d57c1d4405ce23b81ce87c1ab95fe7495384dfa2b80ffa4966b43cbfca8140ab664a570ea0f2180677a7d52196c1baa8eed

Download Submit
/data/data/com.game.top/databases/__pushe_base_lib_db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
512B

MD5
a34577be58504412743875bce4528a72

SHA1
0eca9ab1c833b7f1d0bd3643c8691683297962f3

SHA256
0dc690ebe75b9ac2b4e481255131c3f3ffc740648cf6154db5c7a29185b181ff

SHA512
827ee5945403f7dac7022f95028fd8bd327ab810fa3e4b73e68a198d4631f0da0aa1dd6d3e22d0f7cf8ef717c081cba673734f23fcad97ac24408a8e4d9ee681

Download Submit
/data/data/com.game.top/databases/__pushe_base_lib_db-wal
Filesize
92KB

MD5
c79a5b66c58e4ec3b4c6fd7ebb0f7697

SHA1
d992c5a672427444a724816f8aa0cf85c9f61cfa

SHA256
6aa50e4400490ae67cec0842b1047056ad9b2a10b9cd6349d3f14bbbc3b2b5fb

SHA512
2fa0ca0948ef5e1a12901731b02574f64e2bed33911ea0f87b4609eb760241c9c9019de5e23b961d75ba30771a18be1311ad967de5b2bfff17ab6afbd5ddfd40

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
ed096ea9523c45934597fb7ec57c620c

SHA1
1f76d781a408b5bdc67b4474cdeaf62275761b2e

SHA256
e9b1d17817f36f7c5ec6fdc7e089f6e6fb81acf87b36ec7af326ba445f442f69

SHA512
057330f4d03dca1e9a497ccee6742d89c9911283bcc932672381daa2a7359a8dde9e2e44160b2c1cbbfd72b2d87c54716b96b7dd1be7546656b07ebfa3e71d78

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
978fdf85b8448e3a7c9015e51477eb49

SHA1
793bb88398dc9457935a4416638d5ed3974baf19

SHA256
8f72919eebbe45ed6d33b7b763d7e45d76a880128aee9aa5c29d28ab79689a92

SHA512
852b2d3e2607c96625e9bcd454c702ccec6a0f07aba3410976d6400ecd2d48ccc92d93c8ce7fcc87a622d04357bd6805a996f11d339ca7fc3eab99c0e991fe38

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
57f8fdfc976d39b8260b62e719b79878

SHA1
22f92b68abbdd21a981055091c33fe3a1f845850

SHA256
acb25651493fdceb8691aa96ae836b5947e9632d9d386a9256c9acaf06212ea5

SHA512
ac005a96f0568f2d65e0374fe7dc521791c15a141fbb91ecc665567d6516ed608fcfdab57944de57ccddedb5322aedc3b35e224e67add3e45c221ccca67538bd

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
32a66924a371cd3ff8bfd35be8e53412

SHA1
b8bcc6b9d239876255c5b6b4512a145f3a50cc6b

SHA256
948c36ae97de247d0e26daf23ba7b211bdb93613c8cd399c2dd34e185c19df87

SHA512
7b684a02840a4147549e2dc451087d8a7b0256622427f04c6298f74bd868f2473c82a9aa9228e814880c15452c0ce7a49073a93ffe1cb0641b1bb2a3c6388b90

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
b5693c2ef99ac0f1bf909c99425611fa

SHA1
180cb3d352bddb30cd7cc23bf03949b16fe6f92e

SHA256
9159535a98f844cbccaad2b325950f4c6df784680c8e82df3ec90b4909ab90bd

SHA512
dddea02fc566e17f4f52539cd2b8798d8e82b00a2ac4856e4744fa92dc4d0b9c6914d2b1557f4769115dd8299abf3766efbd08c7b5c323466765fc12c7577936

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
17f362a7da4c864b4a5187e3cc1720ea

SHA1
a47febcfff60731aacfd727ad1984c22e3ec2cfe

SHA256
fdb7a931af0f0eb8391a8eb55d88d1621828ebb79f84dee38e2419a36ee280c4

SHA512
d598471be0adbe7f38c70716dbb62d77563fd1ca76540fb495d9f17a0917967e8efb3ef86a8f8dc1bc2ef7dfdcf7ba5aad8a354b674d7a29d946484dc3c3d6cc

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-journal
Filesize
512B

MD5
6d2a0c8dbb9fe255b16446e0857b5155

SHA1
e117763e6343ccfb31896142e0a2de30f443c761

SHA256
85ba5aa75f574ea4471f5ec790f248a28e841e9238f660bcbaab41ab5cbc16e0

SHA512
82d2bc4ef4ba0f84df1c16f4ed9a9a90ef7c92258c9839d405f225d0e3e7fef3c5faff8020289caa16a319d9477aa68e16682fc0b5e0724a26edb5751dd5fc13

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
8b57fab551e877feb212fdc3a281bfa3

SHA1
b8d6d9d1136d531e7191f9935a2f516aeec788a4

SHA256
033f405c431ac862567130f35b22582da115f42f07ee68e682aff0d013a20aa4

SHA512
61134a82a409203a8f0cd86b93f01f4cd369292e736cc16fce07f93348f845fd3c7aebaf31fed69a08eb80b4075e394803091a751609294af4d75fa83adb9595

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
d9d852cfc2d18b2af72aee8f108056eb

SHA1
cb3407e202776c666cd018db8cd509a78cb9d5c0

SHA256
4f99854ff1195d829ec1d73d05d2f4a714c6c83580fcb6926af0698fde01f9af

SHA512
bf4f53a2b26aba7e0cf25530d05b1f16d07a474280ec80916ad5ca7e56710e8ac7421429227c549e7db9b59c78fac4e9467efeaa0b0edcd23bde937a43a90e09

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
fd70853fbfe3ab8d0b75346cdba425a2

SHA1
80f99ccc223fc5bdbc4be9096b2fb04cb939ddec

SHA256
dd03bac0b93c1a0921a6176435d3ec6b0e8b4b0b81c1e9ca8d499cc7de2b4372

SHA512
b542b1bb5f3696f068b3c38f3682a7d434d8b5e67f7461ab88de0ca63bd963769e67185c1a3899f96f1ee406f30c539a2fe07fadcd67c357c02231910c2f5e21

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
b36e529682cdfa621faef10dceb459a4

SHA1
4132ccc59de06012c0ed2288627f8a9541474723

SHA256
d6ee8eed3a4fe35b1498996ef0aad207d2e650b15bf1c1ead6deae231c15a4d1

SHA512
8a0cea6515d2e37c2bb49bec078464734a5eca8a819d7b817367a7a1c1b38e8792701dd1d9ae7ba67656b814e73ab0f83375b698d710cefd5cd6e68d38bd02a7

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
28KB

MD5
d92a8aec055afc8b673490321995914c

SHA1
6b38db67c57d5d8d4f9fef624aa23fec9f49e1c2

SHA256
1b829a48ea10b9d8cb413268cdf8c299621f560bc8fd78a5420c30284482fa04

SHA512
52307eebbe0a76426ea3e5c51187e1de25e206de4016e2ec49bfaeebb2c533c4d606c0d7bbc5b1c4a9331ef173a1edf21249129d392f4fa1cc121bcb068baf3e

Download Submit
/data/data/com.game.top/databases/evernote_jobs.db-wal
Filesize
4KB

MD5
0e22b1a29323dae2119a8aa8eb38f7c3

SHA1
b77c1373bde6bbaa0a9b6e7e5f988539938be273

SHA256
18626e208dfd7dc6a305b9dd3a7411ac757f30b44fa812f3c1f54b2501d910e2

SHA512
a844cc51c6c6d0b1a78ff1a1f1fac749f39f2e3a4169fb11440d904d61d2c00fff2f38848f1f48475bff45713c771eff16f371860e88d9095283fa2a6a2a7052

Download Submit
/data/data/com.game.top/files/unsent_requests
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit