39eeb95059edadedd820a58ee53599d93e21b8f683521df26369dd64fa7285f2

Analysis

max time kernel
9s
max time network
168s
platform
android_x64
resource
android-33-x64-arm64-20240508.1-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240508.1-enlocale:en-usos:android-13-x64system
submitted
11-05-2024 12:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PikaShow_for_PC_v83 [Original File] - (PikaShowHD.com).apk
Size

16.4MB
MD5

39513824abe081261fc6f7b29c311aaa
SHA1

01c8720dd45154520e7ab922a0ab3b0c191dd529
SHA256

39eeb95059edadedd820a58ee53599d93e21b8f683521df26369dd64fa7285f2
SHA512

6b13be7e2e87bd7dd31ae3581954a8807906ae65c2e00410084e238b47fa449a76f47a2b0822d86c048eab7bb540b495c8cce4947a78be932ae786cca735023c
SSDEEP

393216:ZU3PewET6HU2Sl+pulhfIhzxVtdEYUrCmlCS7gwU:ZU3PePKF7jhzxyYK7CTwU

Score

7^/10

discovery evasion execution persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.offshore.pikachu

description ioc process

File opened for read /proc/meminfo com.offshore.pikachu
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.offshore.pikachu

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.offshore.pikachu
Acquires the wake lock 1 IoCs

Processes:

com.offshore.pikachu

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.offshore.pikachu
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.offshore.pikachu

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.offshore.pikachu
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

Scheduled Task/Job
T1603

Processes:

com.offshore.pikachu

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.offshore.pikachu
Checks the presence of a debugger
evasion

description	ioc	process
File opened for read	/proc/meminfo	com.offshore.pikachu

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.offshore.pikachu

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.offshore.pikachu

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.offshore.pikachu

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.offshore.pikachu

com.offshore.pikachu
1⤵
- Checks memory information
- Queries information about running processes on the device
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID:4265

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.offshore.pikachu/cache/image_manager_disk_cache/5e7e3916bae35e6d1558709fcba11be4e530705fec3bafb79168cda387521f06.0.tmp

Filesize
77KB

MD5
b8f0801856f90b36503920053fda984b

SHA1
cc2eb5eb2f2931a38fc65cb79a92ba7502531905

SHA256
1c0bafc12377fc5e29782ae0a5d9b45913ab81574da36e1ee2cb6e024f1a76f2

SHA512
1ad7c7ee4d78ac2952164826dde7143608b7cd5341fbca1ad09f73cf77aff41552bf4a8a6f3f4f23fa401a2da96b2b68f47a97532229d4219ad73a740f10dd86

Download Submit
/data/user/0/com.offshore.pikachu/cache/image_manager_disk_cache/journal

Filesize
179B

MD5
2374179681e9e18c7259e2c355dcdcb9

SHA1
96256be353a1e14ede3ff6b74038bea3b6d54e60

SHA256
9d0fda87c725034d5004da81f62bfcc5d0733fed39d8b1a2392a235126e9e809

SHA512
75410fd1ca427404c5dbd4a755193cb7cd63b2b0c8e0ff47ef2fbc4c149ec2852658df4010e8ce93532f3b83c5628cb84a9b6817cd8c962913267f74e1ea21d1

Download Submit
/data/user/0/com.offshore.pikachu/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.offshore.pikachu/databases/com.google.android.datatransport.events

Filesize
92KB

MD5
0f67ae9ceb0de1e8c493be4a889046b6

SHA1
3ff7a674345dbd9890947407aee0805521e1ede6

SHA256
f459059095c8867d2ac3e951dfcf99fd0a1b79e6dddff0b88c222bc1b5e48643

SHA512
b297b92b7562ac15a6d7f5aaef0b2d37338fb42b1147a1306500ff6815f55c6f73a46de319b3eb7865145f5bc894d1698b811eeb81c5c8e55c8f435cb72719f1

Download Submit
/data/user/0/com.offshore.pikachu/databases/com.google.android.datatransport.events-journal

Filesize
28KB

MD5
a2da9b6c20f4939b903dafe15e9827be

SHA1
d2863b0ff5cd3842994aa53932ce2008ccb0cf26

SHA256
78c7950ffd0628ac4cb442cbd4bd7620fd8c98b33fae934d24aabb88e86d63fc

SHA512
fdf9f5a893baf0a4dc9302f664b89df37020605eade00caf157de8d61a91d03b1c38163ae19e13bf07939610fe0a8187996892c7943242e2a304d087d09e41c6

Download Submit
/data/user/0/com.offshore.pikachu/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
2a8b01cb76883bef579719fb8f162dd0

SHA1
d099c31302124fd1266a6c9dbc215fcbeec6f196

SHA256
c4a3fbeb38b4ef9e73d0baab3e0268854a5458bd6c38ee92926a9f1cb1f43ad4

SHA512
9c29aef5fb07cda561e37cb071b37f92d2d674c102dd386d2cbcb906bc096fe1fba787f8c0ac505c23f49572ebe00df3b06df6af3c896669bd5811e020fb9944

Download Submit
/data/user/0/com.offshore.pikachu/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
fbf3987595b346a34419bbc994ba1141

SHA1
83b5dd592de053e8099c4daf8efdcaee0bd2f762

SHA256
4970e7c10accd77c2b1d2e5bb6064f8f49b6f1c059dde945dcd04ab4f3187295

SHA512
3cde14244c9f85e1c8d047d2ae1a77aa8e84b13ee0c70164dff83cf0043aedcb9fc0b26c676b71df55801023eab5f1e31e27b38a9fdd288f4e7700297475067e

Download Submit
/data/user/0/com.offshore.pikachu/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
073fc76e29eacdeee2c720fda56351ee

SHA1
62f7a86052aab006b968a7a082ea374d76be0907

SHA256
3f17a6c4575d6c59fb701eb6f3818e3dc7ee88c150bc9dd2632a86fd9bfd4e09

SHA512
e165081d3ca686991aee4fa81863e5c53e507a79be461b7b898e3b01eacdcf62c035c29c8dd996053a0858ad4248fc19fe229e720e97f09d90a9d13220de6d45

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cae422f45d395f45dd5ceca0a45c3c9b

SHA1
258d2faabd9d30648342018408b0da5b9a2eefae

SHA256
5914fce886aa6638791280df778069c93e01bdecdff38471ac7f0165c39ff036

SHA512
0f93e81a8dc8bfa31fd72e014f228dde97ffb5d7d52c287c79002e6cacc2205841dbd99c439e1ca066514f1337d6a5d5c12684e02488288ae7ec07cb1e0cbfe9

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3250c5db4b82782556108dadc897ee71

SHA1
d688b9464730af5445bccf9a1481692c68bcdf39

SHA256
8a778033a174529c65fc6dcaa29da74a33f8ffc5844c218f9fb4b0303686b8d5

SHA512
8622ea91d5b8158f37d66a9bd8cceb146604c7b8484a4dbeb65386629d9eac3d7a8e64309ddaba12dc7a16683289b8a9fac1d6ecd670a060222349dd8e0586eb

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db

Filesize
16KB

MD5
da419085dad8a460a708c9cdd7e5ee39

SHA1
f28d37469d1721ca99f7e9d378341307f445e6ea

SHA256
48ad5d37c1424607d5f878c85f0456f3f7a3150219ebce67821406c0f2132487

SHA512
e5df88fa81f9714823262fad390bc92841a841f1ea436dae15a7f49e6e3b66534da2198c297e28dc772b3bd3158010d0946c21234792e316e227145dda8e98be

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2fd1f691a1923c6dfe6acb244f4ca2b9

SHA1
72bd74a7f8f115d710b24613e5df329dac1ed689

SHA256
eb45e3ad886af64d651c8e804ac57c599285ebed6894bd868ea452096889b4b3

SHA512
be0f705b039017473f6cf9cdbe5059f8e2c75ac93979aa5247b39fdee54b62507ecf9ae5dbfdcde85cbca014b4d501277e99bfe76393f55e22de6edbf29a9459

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
897fea66f8f2862c37f2f210b13f1c2e

SHA1
ea1716f9f7924f133b0e0f85fb73ba8b6cf0f042

SHA256
58315e7fc71f93443499825cff0fa1e28e0a62c7ceb3294929aec985e2f7f4fb

SHA512
3b97c6af7001e650aa279638602705c52ca7ebaf6bcd82d52eeb6bc3c8acc5ca4995727358a2876f89a7cb76a2f740ab4d214f1f67579576e453d223225d406b

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
c00ee8daf0406177d5056829d3549d19

SHA1
a146da199fd1a703a8ef2738e8d75cf9a2b66a70

SHA256
5b9a2dbd9f45b370144277af22686d7cc7027124d581463408f988e5b6f44811

SHA512
e8dce8757d1680e9fa18f50a2fc22bef620288e2a5ece474e4256793f8ecf385bcfc10b1ab8b89f74083bfa2447f75ea992bd92f7fc9d22c289e1962d05e4e20

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c06fa2d50be7d6b1b3d0b2d4991511e6

SHA1
460d4a946d86caa92d55cdd940e3684529679d1d

SHA256
76fa7da55608eed719d9ad3fe868a1b5129f62bce0f9fbbf96bb011c2670f18d

SHA512
00848360ba6dfb37efedbfc59eaee87fd1636c0698e965238155d6570bd5ab1028aa46b97d6becd8288707f144160416d6207c1c1b90119eb432de7a605f64ea

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
aacf787e00a0afb99240185b7782f528

SHA1
1ebffb6110ddcb3568bb267c52fbeaf26ce83087

SHA256
c33eef1afeb2efdd09a20d35ad139b3faee3b43de25d2bb480c1f71ba66de9cb

SHA512
029a5d83e52ccd55041e425ea75100c0525078ab4eb8cc38d9e5647ad79788a13894d8f471a03bb9699bc87695e12d17721b2b9c9758777b1bc547e10f356969

Download Submit
/data/user/0/com.offshore.pikachu/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
80d950afb563d41cee1913280bacf4c2

SHA1
cf81170ee5fc58e539eaa5ba945b6b784fce088f

SHA256
c53303d90e1549014a81e818c554543480c7b132292e468fa60bffaf4ab9a221

SHA512
2546d5cc5f07376817f2b0c44fe8dbfc021f0a016deb37440e808f447c55df4c1cfc6ac996d33cb23695d89ae2100fa195429596104e14bf0afe12f63397a8d9

Download Submit
/data/user/0/com.offshore.pikachu/files/.com.google.firebase.crashlytics.files.v2:com.offshore.pikachu/com.crashlytics.settings.json

Filesize
713B

MD5
24df3063138114b8735e07512465107e

SHA1
d4370bb3551e7de5d3c677c149221df8bd9c05ef

SHA256
0aaf0fd94f9405e04a499cff4fe6a9bf25e62c8f95aeb2df145fbe64f6d1065e

SHA512
9b38d4f9fe2d7a2c6274196e4f1d988f51f0b4166c50de1bf89c78cf1a584c00270f699216dc314e45cf451de0c4fdce7c6ab6cbb9d73f7f13a5ae290bb12dc4

Download Submit
/data/user/0/com.offshore.pikachu/files/.com.google.firebase.crashlytics.files.v2:com.offshore.pikachu/open-sessions/663F63AC0188000110A95DC56C7D76B2/event0000000000_

Filesize
36KB

MD5
43d1f9343e6b5df1a8f96ec519d7d8ce

SHA1
f2cb1478896c448e1bf60c108bd2f99ac1888b9a

SHA256
d6cd562a0b9e3512d0f8a60af854233c748b96ffd89f46e7374dab9e23a75c94

SHA512
7565b57f7a50130dbe3e5131c927aef59b6eca0165cefe47acc962eaffcb62becbc32cb7a9a20ebe85e14fdcef2d191a4e8a3c29968067e7d1e15938557fd450

Download Submit
/data/user/0/com.offshore.pikachu/files/.com.google.firebase.crashlytics.files.v2:com.offshore.pikachu/open-sessions/663F63AC0188000110A95DC56C7D76B2/report

Filesize
749B

MD5
994532ab3fa204ccdabf1abbab9216dc

SHA1
2a3b8d7229fb9c5778caf489277366334819fe50

SHA256
8950d3a93c518854d1482fe6a42567dc5c2e48a7f8a5544ce001567d7da52c4c

SHA512
25a36bc08473bb69ac9db434a024e9509cbf3fdd6afc613bff901c2e1f4c9f8e6b28e06e99a66a94c9c740437feb16b9ad6df69e72d8b9928cbc3c2b4ff116e9

Download Submit
/data/user/0/com.offshore.pikachu/files/.com.google.firebase.crashlytics.files.v2:com.offshore.pikachu/open-sessions/663F63B10306000210A95DC56C7D76B2/report

Filesize
749B

MD5
3d62cf29507661b9e3c95cc562b5dcd5

SHA1
efad8cc857028e72e80d3d33374953931ce70c3f

SHA256
7f00dd2b8006a7828f8b448244ef7a0c30281962f2a2168a680550e8b7dcb8e0

SHA512
613d05c3fd1741f95974fe4d18e5a06b42cb0c04a19dd29814d04cf7701d8832f6a9083c2ce79b5ed434cfe85bfd67f6e582d29455a57044890550123b400d04

Download Submit
/data/user/0/com.offshore.pikachu/files/.com.google.firebase.crashlytics.files.v2:com.offshore.pikachu/priority-reports/663F63AC0188000110A95DC56C7D76B2

Filesize
37KB

MD5
4e18efdcf6fd8a5dbefefb1a634a1fc7

SHA1
3f3283a961553e905deb3dc50326187d7c813097

SHA256
ae516d172a7c1a2c8307d1afff9fd60893f9b8f87495f4138217fca41bcdf7d4

SHA512
a1e7422630bfa884ce8c21775e92ab73e2d0c27e20a4600b2b2cac71d3ee94c6d59efe503c7769197dd1dff1e781fa71e1eca21d3493ad18a0628bab03cf923f

Download Submit
/data/user/0/com.offshore.pikachu/files/PersistedInstallation1703053064718129831tmp

Filesize
569B

MD5
1f0e8770335a839a5ad0187f6b57ee1e

SHA1
dfd921f5e11bbdf85d67fd0b055f50135601a736

SHA256
9ba13d8b5b94d4b62d6d7ad33460a699ce94a89bd9398228d59bec0f2cd839ef

SHA512
f98b53642a44daccb2cd6778cfe2b54c9d2ce4c6edc757d9f3de98484235013d9bd249f2a6710feec16689f784c74a0aaa4e6f88073facdf7d71a974ffb7ff85

Download Submit
/data/user/0/com.offshore.pikachu/files/PersistedInstallation5967205951429504133tmp

Filesize
90B

MD5
c5c70b9db4e1ab0e4facad2ac4aaedc5

SHA1
41f1dbee2dcd0490f22bca6c604a6edba8b41d74

SHA256
1f67c491d36db198ffb66a5bc0644a2d8b521159609bbd4223cf26a9974f77dc

SHA512
4610800cbdacc98fc3d6590236ce510f058d77207b34039636f4055997d519bb370ba585d02c2f8915105cb1218cf6af332903aed6564330bad12aab19c89feb

Download Submit
/data/user/0/com.offshore.pikachu/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
1aaca10d01f1aec385b3aa76d354ee26

SHA1
381113ea10c70048d449c5e559fb421d067278ee

SHA256
590830b61d4379a8c7003af9f221c2fc685fd8f8edbdc243b0466a3c964b816d

SHA512
0381d0c428341a17b9e4705c8982c2faf69de886517f5241452590b9821b740db0442647b4ca35626fe69369eafd207d4cebab97e7d0eebc52fe1c22754abdf6

Download Submit