Analysis
- max time kernel: 80s
- max time network: 132s
- platform: android_x64
- resource: android-33-x64-arm64-20240508.1-en
- resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240508.1-en, locale:en-us, os:android-13-x64, system
- submitted: 12-05-2024 12:10
Static task
- static1

Behavioral task
- behavioral1
- Sample: APK Editor_1.8.20_APKPure.apk
- Resource: android-x86-arm-20240506-en

Behavioral task
- behavioral2
- Sample: APK Editor_1.8.20_APKPure.apk
- Resource: android-33-x64-arm64-20240508.1-en
General
- Target: APK Editor_1.8.20_APKPure.apk
- Size: 9.5MB
- MD5: e538dd06ca86150d6ee88b0a7e051cb6
- SHA1: 990e7077c7a4d9bcf0682fc2de8c15acc3a685a1
- SHA256: c8e5cfe61b7c274120ee803564fd70783e5ac3bc6c1d5e1668356180fe97ea14
- SHA512: fee04fc1bf8226a26d54ab9e9e99f900cdcc236597f6af604302c55bfdb812682cec01a008749626664bf680346995afd1bd771a31ce0614f0ca424bed1ae876
- SSDEEP: 196608:tES/GDith4A0Tdrsha70k1eGvzlXsQFhiC67Xc/UFsJ:tES+DiX4A0TdohaFzeIhip7XCUFw
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicates whether the system is an emulator.
  description | ioc | Process
  File opened for read | /proc/cpuinfo | com.gmail.heagoo.apkeditor

- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information which indicates whether the system is an emulator.
  description | ioc | Process
  File opened for read | /proc/meminfo | com.gmail.heagoo.apkeditor

- Loads dropped Dex/Jar (1 TTPs, 5 IoCs)
  Runs executable file dropped to the device during analysis.
  ioc | pid | Process
  /system_ext/framework/androidx.window.extensions.jar | 4297 | com.gmail.heagoo.apkeditor
  /system_ext/framework/androidx.window.extensions.jar | 4297 | com.gmail.heagoo.apkeditor
  /system_ext/framework/androidx.window.sidecar.jar | 4297 | com.gmail.heagoo.apkeditor
  /system_ext/framework/androidx.window.sidecar.jar | 4297 | com.gmail.heagoo.apkeditor
  /data/user/0/com.gmail.heagoo.apkeditor/cache/1664557424545.jar | 4297 | com.gmail.heagoo.apkeditor

- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description | ioc | Process
  Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | com.gmail.heagoo.apkeditor

- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description | ioc | Process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.gmail.heagoo.apkeditor

- Acquires the wake lock (1 IoCs)
  description | ioc | Process
  Framework service call | android.os.IPowerManager.acquireWakeLock | com.gmail.heagoo.apkeditor

- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description | ioc | Process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.gmail.heagoo.apkeditor

- Reads information about phone network operator. (1 TTPs)

- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description | ioc | Process
  Framework API call | javax.crypto.Cipher.doFinal | com.gmail.heagoo.apkeditor
Processes
- com.gmail.heagoo.apkeditor (PID: 4297)
  - Checks CPU information
  - Checks memory information
  - Loads dropped Dex/Jar
  - Obtains sensitive information copied to the device clipboard
  - Queries information about running processes on the device
  - Acquires the wake lock
  - Checks if the internet connection is available
  - Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads