fb96a98c14c077156a74aadceabc2e518f6c167eafbb9d4c1cfca5e6431a3917

Analysis

max time kernel
39s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240506-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240506-enlocale:en-usos:android-11-x64system
submitted
11-05-2024 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sony3.apk
Size

6.8MB
MD5

9587cfba1adc9c42bbeeac6ec60ce23a
SHA1

e1a5a3d8377b78e8afb67f87fc9c4696c928fccc
SHA256

0d236b95446c1dcc52359e9121f5ef79133ca1552edb3d4bc0230867b5c6efe0
SHA512

cf94ae910ffc4a8acd1feeeb0479e53d64c6651eec8f8e1969e084530d18ce284f946b57a4438b61bed81e9ec804206fa63e37c0051eb0952b2fe2f3923b183d
SSDEEP

196608:zK6ASF5LzDf3anTfC4FFPxhdCJ7tCHfWS:GdS7nDP9iCYX

Score

8^/10

banker collection discovery evasion execution persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
collection discovery evasion

Location Tracking
T1430

Geofencing
T1627.001

Processes:

com.game.top

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.game.top
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.game.top

description ioc process

File opened for read /proc/cpuinfo com.game.top
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
discovery

System Network Connections Discovery
T1421

Processes:

com.game.top

description ioc process

Framework service call android.net.wifi.IWifiManager.getScanResults com.game.top
Acquires the wake lock 1 IoCs

Processes:

com.game.top

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.game.top
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.game.top

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.game.top
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.game.top

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.game.top

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.game.top

description	ioc	process
File opened for read	/proc/cpuinfo	com.game.top

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.game.top

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.game.top

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.game.top

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.game.top

com.game.top
1⤵
- Requests cell location
- Checks CPU information
- Queries information about the current nearby Wi-Fi networks
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID:4771

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Execution Guardrails

T1627

Geofencing

T1627.001

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.game.top/databases/OneSignal.db
Filesize
20KB

MD5
6aa928647f0ed87e0f94949906ee66d0

SHA1
869fa2e7d21d7b50b6b55958885acd96ccd4a0a6

SHA256
a46f3de041aef0f8c8f87e7cefe153dd2333ba2e928817d1ba3af690078bf26e

SHA512
29e7830bb2b1e512f376b3676406b51e3a048b2d724a363e5500591cd54bf76586e8d916054953c3b79be67bf87b71f976bef198c0244885b02d9e506ae87810

Download Submit
/data/user/0/com.game.top/databases/OneSignal.db-journal
Filesize
512B

MD5
ff181b5547eaac556c473d65491fabf9

SHA1
914047ee174487d19b061f6c9750e3ae8e45a0a4

SHA256
195e606e7527b1badfcaf0cace04257caa84e7b87f69152d8421be0e8de66f1f

SHA512
cf78c9a7a0e8917777a3140579f6531978bead7296542e1ac97d673cbaf93c9872ffeff4660e2e30134bcc4efa55e38b9e9ead155ef14d027f93eeaddd6544ca

Download Submit
/data/user/0/com.game.top/databases/OneSignal.db-journal
Filesize
8KB

MD5
04144bd263fb545d5ad7e55f56ac1e21

SHA1
be6898bde137870913f0b619135af850f7c62a51

SHA256
1be595cf2805c6bbfa5efd1622f75b544a7f5f8e5128fbf46b00d61acab86a9a

SHA512
d64c390713c853f55fb206d67d4a556dea62dcea851c23591053fc10e5995e6c753568327646e9a077e39fdfacbd57f8dc49199d2cd1664c1c01d80e7bab6380

Download Submit
/data/user/0/com.game.top/databases/OneSignal.db-journal
Filesize
8KB

MD5
469bb7af3d4563d222097ebe5b220aad

SHA1
eb2c69d4766984bdd2613cdbc717b84aec95df31

SHA256
4c13a288536b3a52faf7945f5a3e73d5c13395799cb7659c8990060881c62473

SHA512
dd153dd5b78933fb80756e846938711ca2c9c388b0ad36f82ca7a4b4b70c3bbf63b605aafcafa920b623ff8523a979263ccbfd4de3dcd6d31dd72c0f2fe4ea59

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db
Filesize
24KB

MD5
96f8369177af05e43c518b3c7211c8a8

SHA1
c517288234c2b2970e15b500736ddc2627a63be9

SHA256
d2db2e07ca62889af39a8e129dcd916374201a25de14f9272c3648323bcd6f3b

SHA512
9d4174666f5a96f645ee1c6287ea4807fd0e55876a0ce8484fe0b26173fc9cf7c4a0ecdb082e3eb585eb2f6de002c896457bc939bb6e6d474cd49d802b0a9bd9

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
8KB

MD5
54994eda87281f99fc463a6a0a05fdf5

SHA1
d3e67e205417e12fe227abe699f62160939af374

SHA256
b83cd013affe6002d0cb560ef19cd80973d23e087497a82fae765c20b427518b

SHA512
74fd46704a5a29cbf5f44a83e733c5494111ee9e7dc7b1b3e60b084fcce83f508354dba9bd53db8b22c8049c53e6b96698c81920d79a3ec6ebfbfb9d65f4673a

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
8KB

MD5
707976c8ca44739bd363320849474811

SHA1
95b87659c2dac285c1829565ad5533b7e3b04e15

SHA256
47600d2539e8c88ab6901a880f6538b38897cb377ed60683f8f02214e6e35b93

SHA512
a8ce8f5c5adee2e23fdac2325fe753186927e35017efee79c07df6aa0f07c17370f5882e33fe7f2ab2833c2025de2cb8c1a59cf7c3bd4401239c3148504ce84b

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
8KB

MD5
b78d3376a24ffd5f84fac1b0fdb01af9

SHA1
9a2fcd39da16cfb6f9649cafeb5dcf4e4ad02e33

SHA256
13756cb0cf6f4fce41b14b90c6aa7a0358a83711326d99512520bb4561e11c30

SHA512
85031eb5e4a386b0998f8f6690096b281cfa2b980c0dab32d8041a8aafcdf9d541ecc3747027f7c06bca7addcee4da326ed5f3994eba6e44011594279f2b3df7

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
8KB

MD5
a0ae1a9a76f8429658896f37b45d6bb7

SHA1
91781a70ab9675cc06b3e7beab0741a067ec3d65

SHA256
fcaf4f9f6437d4e034eac34c70f39bd511c6d2505880434940ef63c0833afa2b

SHA512
e47eb576ae7c37ece78e493c4acbd6d769e275146396e903aae9be9e0871b6cc4e1dd0b1a78200f4e484c1f78d72acf728a9a82475279e459f15b03f5c0f0724

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
24KB

MD5
d517a485a5f561648e707d501011d236

SHA1
9d40166124b6e0292230d0675e50fcb34829684d

SHA256
5890529818c3ff3649c7b47772690568ff1d88f7fe3f9dabba9499720201da55

SHA512
a65d8a38981e9fd60384fd51e9ad735886f842efee65634d879f1d8265e025539b04bccaafb87ba6e69620bc8f7c7acd45f99fbfed5b7c359e9b7a0ad9128354

Download Submit
/data/user/0/com.game.top/databases/__pushe_base_lib_db-journal
Filesize
512B

MD5
0109e92aa7446999c1366e72f4826b5d

SHA1
6a7666cf62ae5dcc610cd3fa2a9b82658b961785

SHA256
451a2c1af5ea46808dbeeccee2f1cdd51c0342b426fa55b63b7805ee6879641d

SHA512
b3891a09692998661c459017b33c8bb280a8b50fcb8ef28d638cf1088e104f511a33989ec1eca25895bad487d970edab822279ad4e2e14d6806734f0fac73e92

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
a17748100c8d970281fc19cc8eddc98a

SHA1
528faea15390ad616a83e8f75a75519f9a791205

SHA256
5dfe5fb305298bdb6eb236a5fed2236efb49b28f991ac0cb538ed84857392a59

SHA512
5494891e27597140e3715da7c6ef8b1a36865d38b4c20e45d893064a172f7434831f4a86b090c46c94395908c32a01161532df849d25bf0a6a6599a56d46e011

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
47080e3bfcf2db9b8620f2faf6c5857a

SHA1
6f63c1851255e0fa99567f047382074b086d38bc

SHA256
dc4f8a73f49d2a6b41ff425fd08b85c1eba5280c438a1a1ff9832e91dfa56cbb

SHA512
e757043d82798926a5ddd716457accf6616894ad1ad79ec832293a1f662910b663239f899bf05a5c8d90fed5bcb093c5529e5bc842fe9003c1d5902f9ed84473

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
9c35c54e15c06cdb62236f88cd1310bd

SHA1
ad7967788a4e98e81de8e3fcce10f6e112bf4ef7

SHA256
76665bc7f490534245335c81d6ff8e2a2488f3ea9bbb13cc51d0c36c53370016

SHA512
8e840cf1f3e4400df6b67acbba62a3fc6f6afc19982931634e292021c1889dbe9080913807682024d8571ab0d4eb050d7bd6dd204c7506a96534c4dcaeebb4bd

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
e2a62b27e91a066a9c925cd2efe8fb4a

SHA1
c427c066443c832aee22e5c78ce246d4733a6f82

SHA256
8b82c2c3704679544ac14fc44477858f71eacf0ebafb54dfb46a2bce0ed136d1

SHA512
96ce376df20878d4f693f7556036a86ba6fbe948c5c62750d4ea80836e2daae8ef3b932b1fb09509e81a460baffb9103cf3c8d442379a6acf63ce1e1f1a7e45d

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
9946baeeed52031bd32a7a47a546ad1f

SHA1
9ca0fde908ae43eb889916e2e18178d5a97b87ad

SHA256
d27da49a2a47ebcd41c8286377221f9620339c917103701c0a6575968cd4edee

SHA512
e133b8bd61cad707bcf4b7a15a7bd72072e21ed8c415f9bce99f6fa9921b7bde1b05b6fad535a6cf8f2eada180d22faa732c2dd12090eb9cbf91963b84079187

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db
Filesize
16KB

MD5
b228f2c89c9dccca78ddd21451e3504c

SHA1
0b30c333f6fa236304d74c9c8e2b186818691a65

SHA256
699fd9b185f3998390891154483ec7659426cff0f3b6e241742e238a39833946

SHA512
4c38095fb44c492b66ab139f33a1fff0bcdc3cc89944e1c48381082c2d6c9808e35aa8a72fdf62dee1244c492a980b14489c2c7b22e7c8b5ff34cecd59d4bb47

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
8KB

MD5
83e0348bb46f59a6cc340fe05b63e4f3

SHA1
e6b24bbf1597aa7ec8c0daa685b59380dcea76d9

SHA256
720dde2ba409b77e88bac835008b4c1aa06e541435a860abe65fd0c534a102d3

SHA512
e155704ed8050fdb4060d217a53a124487f240f0cd2cf55b3b75b92159c0378bb84e73cd8fa0997b454c4d65000694f5eb3740ed01be6be7c596ab1674e24b70

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
8KB

MD5
fd43eab5366610226092eec096a6b151

SHA1
1719bed9167327236887d7343502bb79053c2a4c

SHA256
49b2a9bd4e7b44b489f73eeb12db5c371b51d77204baa55ca5c7b8d0df784324

SHA512
49875a119b2046d07aae7cbbdea4ee4e0a49da9c6cdc3577cebacf12f432765bf31357ebef9de51c957edb96b95d021d85c67c203509167887ff87f2fe11d67c

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
512B

MD5
174d6806d13b5dda030717e5648e93b5

SHA1
c6b05055b8fa642121942e76bd7a97c96eb1d3bc

SHA256
b72648250e7536341bbce28a18e797d94a33d1f80e9589a4242dfefd834a6c1a

SHA512
fb3418715bc6f5fa049dd1351b1434c1563b135980a8fd18c77c5aa86ef1f597897b03f5b4f663d7bd7192472707489f3a1faed9be6f5187045fe14a23eb15a8

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
8KB

MD5
9bfd9d4a4bb5f43b7cdf4f8be17a8a79

SHA1
f2ad65e13f3ca23e5f2d8ced27e3300584eacd18

SHA256
075228591eb3e16fa347b352fcccba4b591a6b26c056448981ce941f54cd6594

SHA512
85ca5f57cab99f2887556aecc8cf79d2ea52b3ff89def886943c0ea2b2624c0ddd9ff53801efac6dc6ef5332a443c30a05e9262a98d3954a7438f69b75c9d578

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
8KB

MD5
66c7320f691294d372f2db0156723a9b

SHA1
94272afc7ead26fe30e824eb5720440080dd021f

SHA256
a02b2346a2ce414565f1c8b028ce550a8a90c81bebc025345a3864e418f8c780

SHA512
04845f28a7782980e9a883275ebae145ae4b7602407226218cac467cc8f953736e0bca443c7e39f4567d62473d65e05a1610f3d61dfd17b8a0166fc14df4de5e

Download Submit
/data/user/0/com.game.top/databases/evernote_jobs.db-journal
Filesize
8KB

MD5
01bf7b1a47984fb30f0dc4c4dc2605f8

SHA1
b0e60320f49a4741b1d9ad3af8475cbf53e8914c

SHA256
8cd311d30e92b3d8972bc0ffe7cac5d02ad12de0bfc008a1b88c8b93e1a3b4a2

SHA512
fb74f9a0eb3708361e095e414ab324e4bfe725095eece9590d5de13983d9999f56bfc08e542f4f6f0ba77ae6a957d9313232f986f27af0ae7b32d8211f42996e

Download Submit
/data/user/0/com.game.top/files/unsent_requests
Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit