973fdd824febfc51daf5a910df2a374df9dd9690d89a667ebc51dd978ff32b1f

Analysis

max time kernel
66s
max time network
187s
platform
android_x64
resource
android-x64-20240506-en
resource tags

androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system
submitted
13/05/2024, 12:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Adguard_2.7.215.apk
Size

8.4MB
MD5

ef5bd2cd0637e9939e9956b0c8e6b89c
SHA1

2bcc7ad83c7a0e419200fe37c38bb9851047cb38
SHA256

973fdd824febfc51daf5a910df2a374df9dd9690d89a667ebc51dd978ff32b1f
SHA512

d0464ac3efe07a04fa489ee6a392252ebe141305b319e5abea1af3c3befd3b683970796f78fcf37258ada570212a87abd5dedd4e0fa0cbbcedf2edeb95deaf9e
SSDEEP

196608:3Boh4SsQceCv2g9zQwMfvuPtlRNS4FEQUs1TueNBa9UyqvoQXF4Mn:Roh4SrE9zQwqvYtlRNS4Frnvh9/F/

Score

8^/10

banker discovery evasion persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.adguard.android

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.adguard.android

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.adguard.android

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.adguard.android

com.adguard.android
1⤵
- Makes use of the framework's foreground persistence service
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5094

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.adguard.android/databases/adguard.db

Filesize
84KB

MD5
407d0c1e8d3d94d9599ddde6d33ed0e3

SHA1
46fd73407e90c7825b515d77b6034365c7359657

SHA256
33972649d431701e243b92c10ce44c5ca752644ba955de3a05e88889bfa410d1

SHA512
fbae11d12e3b4cfc0b1b2f3e6a6fcd4c0683792ef6358bdb934a5acfc7d4eac1e52b74635606917d80b8ef60ef04bbc278daafcbbf277b791322869673c92509

Download Submit
/data/data/com.adguard.android/databases/adguard.db-journal

Filesize
512B

MD5
6c93d3d75df1bd6d71b3aff731c4aeb2

SHA1
5ebc32705abfba7343ebdd875027476fe3a6bc17

SHA256
918bd257e927638a50648185e8f83f04487e9ae983d393766349e423713165c4

SHA512
23637abafddffa9a4475aa28dafbe4340fea2250408095582f2b93302a41df17684db29a3dc7d36823fa9da6cd127d6baa7a1ed37a6f96e118f0ece73128327e

Download Submit
/data/data/com.adguard.android/databases/adguard.db-journal

Filesize
8KB

MD5
e0052596e924978b63d890cef593ece9

SHA1
1faf5bca244d1f9f753da3ed308a13284a0bab8d

SHA256
95fb4b746752bdeb68d65984cb1de56b7797c8d11e0ba8d54b10a6a8c7ec90b0

SHA512
9fcd93783337c11cc27c6a52ff7ade43af0c82aab9f0570adeae69fc839285e74a3fd23dbe91b94dd4bcd24286c87c23a68f33f0546fd2734cb1d08a8703a1d4

Download Submit
/data/data/com.adguard.android/databases/adguard.db-journal

Filesize
8KB

MD5
cf69201ca08f6b783cd4fcf63006adc0

SHA1
b93c5f53f295ca8d82617c4d92d11299e0278997

SHA256
b79840d26b21ad397f83ad6017bb73d54d4a952e837916af1598e87b9e8db2be

SHA512
b09a2cedafc9c4dc22651f7abd2f711f96104f8005a0145245a373a5e02988ea2202c1467ba9f85b217e6997434798e3425a99f347f4cfd3cbeb302b8bfa52e5

Download Submit
/data/data/com.adguard.android/files/filter_11

Filesize
36KB

MD5
96b449645b877afab18dc16c23e49221

SHA1
f6bcb0aa6a9a6bd78402fe248b07e27e7a14e335

SHA256
78742dcc706efeed906b3e34e6f700bb505b704fa16fbd3f535fbba693c05c47

SHA512
0d26342866135c8739d709063b7a74713202d5563ac575633a02e0238179cf35a06cd9327d061fceaeaa28bc24503445e0e03ac99dd017a4e68ddecbe558e2dc

Download Submit
/data/data/com.adguard.android/files/filter_2

Filesize
1.3MB

MD5
3e3374c12bacd2b0418447a242003f79

SHA1
06182b80232b9fe68ff4bff9bcc6717fbe600928

SHA256
2cb803f64754019df75cb896060ed7d4f6e19ddbe790ee5bb806c6d3e49ff498

SHA512
a449e7d0a5ee3041991e94864cefd6d3c1b177ba1e2389d98789fb00cb4abac33dee8bd5e64bc6b6939ce3e59b1b18bc24070d42a8167304f7888309cd4b8a24

Download Submit
/data/data/com.adguard.android/files/filter_3

Filesize
113KB

MD5
54a4a934a13c9a4aa348bdb680c61c57

SHA1
4881f349fa157aa5ee737d4544bc2b04232fcd2c

SHA256
3bd2ebddb662f253ac67f36fb96086cb216ad63b80538ebb87c1a826207fc1ac

SHA512
2b962c0502bd74c73604102d6cb548dcbcaac8e42dcc1ea3993a6d43aa0b68ce484670e867e50ae974822d83344beceb4cdf5d82f8019c53abd94c58f1b07fea

Download Submit
/data/data/com.adguard.android/files/filter_4

Filesize
65KB

MD5
f920729e9874a997d0c05379a94bf4e5

SHA1
4b2e118b3177cf980567ea6811a81e978a3cac9a

SHA256
17702bf69e653665bc6961a5838bd4a94be4762bba79e3494e85f96f0bdd1d03

SHA512
4955e8d17db4e1d794af36c22d5d159fc04a2c06234a0f3c37f897d292d397c3775d970cdbf66d51fa1e238ad1749e1532620d2f00c5b2b6e237eebb37ce635f

Download Submit
/storage/emulated/0/Android/data/com.adguard.android/cache/log/adguard.log

Filesize
14KB

MD5
4181adb76b41ed9e5a673ffc51449c90

SHA1
58ea415b30e49d5f715cb47fc7c2b6e82c74f2c4

SHA256
18c387f643a14d02a01b912bf08d53ed53156e887502bd91f19803238e84dfde

SHA512
6a0790dbb122da05baba7cf2a462884c02fd463a411654bd02f68725b0128374a153ec1d9b83ad3453097af601693fc2888290fd74b4ddee8f23bdb761f013a0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads