ebd087cee8d99f68726643c90cc4fc8c48645d262cea6b577e3629808e79d996

Analysis

max time kernel
103s
max time network
179s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
14-05-2024 20:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

box.apk
Size

7.0MB
MD5

234c80631776ab147b67e72dd99d80ee
SHA1

7a54c1f4bc0d5cf58a21cb2dce177851a660ab7a
SHA256

64a84251f525aa4e5368b5bf4b87aec5ffa2f5907cda0005f73505c67f978280
SHA512

3a22ed0f3b4ef71d5a64fb66a9d3d12c4d2dde234cf3c5640b3bb6d5929ad1b23cbba0440ceb43113331fe0e8f826297493c358c7f492e7db400cb6bc224d29b
SSDEEP

98304:UAQWC295gIeXkMUaYfeNjgc70fGCgyVDo97NELpYWTS/RCVH0LZzvNcGGxpeVk/G:eq5ggaYsjgceGreDaup6RGHC1+vvG

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.a3733.gamebox:pushservice
File opened for read	/proc/meminfo	com.a3733.gamebox:pushservice

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.a3733.gamebox
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.a3733.gamebox:pushservice
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.a3733.gamebox:pushservice

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.a3733.gamebox
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.a3733.gamebox:pushservice

com.a3733.gamebox
1⤵
- Queries information about running processes on the device
- Checks if the internet connection is available
PID:4296

com.a3733.gamebox:pushservice
1⤵
- Checks memory information
- Queries information about running processes on the device
PID:4425

com.a3733.gamebox:pushservice
1⤵
- Checks memory information
- Queries information about running processes on the device
- Checks if the internet connection is available
PID:5075

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.a3733.gamebox/app_crashrecord/1002

Filesize
227B

MD5
0c0c1522921af0c70bcea2a49ee30aca

SHA1
2d73ad80b1d32ab748700b1cf07cf49af62686a8

SHA256
da0de4e52c42778e5b82d083cfb4270157bb62a09116f015d48e1a8cf10748a3

SHA512
aa86a36bb253c89cabfa96ced7ef1fd5f3197b90ee258f1e1a766262911fe35f2f78f2c8179f122e8c430022dbd650a53a224083efa701b39c4ccab0ad8115e0

Download Submit
/data/user/0/com.a3733.gamebox/app_crashrecord/1004

Filesize
58B

MD5
0d210bfb2a0e1f1b4c082a6a0f79de07

SHA1
bb8ed9e364db79d1d9f2fcde3f15091893222faa

SHA256
988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

SHA512
536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

Download Submit
/data/user/0/com.a3733.gamebox/app_crashrecord/1004

Filesize
227B

MD5
d2f9ccf019c0dc1f9a6e88fcb249c16e

SHA1
10a4550e56ef9c309b34b40ea34d086132669d89

SHA256
98468d2cbaf7d8b0ad58ef51ff166aae9ac9f70bf7e6b3d293f572661d675715

SHA512
bf16bec5f2a6d9483527e9ea2ae5846a03fb534b9133611ed35b0ac1d8aaa7f11715b83b363ccd98fa63b39989fc30b4b7ba9f73656033f1f852600dd7f89681

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_

Filesize
52KB

MD5
a0eb553b2ecd43ac5a3949fe105a5aa5

SHA1
6e8be7b400a2ffcc773974468774cfecd21d4899

SHA256
8f75605513036da9bcde018ce29ce1843d689da488223824823694a5d486bc9f

SHA512
47ca536a16be3b4d720ce1aef08a450b5a207ab3c9f04121400d288ac0d878db6df112c7e4931ffffd2618ab4f106327306cde12fb7e108773e1056e87012b6e

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
8KB

MD5
de0d6aae6396ffba30a7c92802db7981

SHA1
f8867c56c0b021b2c3d0a1310c1cefb6bde0f653

SHA256
bb884e7fe345613045cbfc7242046428759916037d4ba761d1908ab6f7e0ae31

SHA512
dc10741b7e42750c2ffe27cabaf4f8bf99347de1f8a11e5b963697199e89fa18732313d2a0013afa08adc2bb7745ce6f98d69be4868d65078e974a2b0b2709a9

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
12KB

MD5
56a6f0b35b29b0c5189e26a2f2ccbfa2

SHA1
d2eb65473bff307631e7e887b09bdb643979d7bc

SHA256
7833f427ca42d29f2691a69e578efe8783ac3dbb909fcfdb840b6bb138a029d3

SHA512
602fbd864a5ce15ce4075095fc7053aa7ea8c6f33588b5c7de78e411459e8b89701124330e1e97b9667b5028eedc7030f54507ca1ff89a833632b06fe821033b

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
8KB

MD5
91a2fc1c7758fde20b29e7f1a6869783

SHA1
f3cb42738c733f7f716c772af28f6bee694e6cc7

SHA256
e57b693daa6da85f1a4e33d50b2b4218c0649f43eb2368df9a5047ebc8f95e72

SHA512
260f70ba69561385b67867726e39802a04936835152419aa44c4a29b7bd8daa929b500864e1299265330205c8e6411ae500a976cb01daf02797f166968d4d959

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
8KB

MD5
d882fc234ad80448edd93e6456ed5aec

SHA1
99ad9674cb468184b354471acdb042e0ccc3d40c

SHA256
86612b7c25db17a4445ba9dc6f548ccc3dbebadae454fb9463f2f20e9c94466c

SHA512
44a2b784db76acc8f4a6e66140ee448a7b78e21f13a5fd84ecd4bff4d57f4ebccb15e381aaa4daf3015466ac2d0a4d4a983f895568c9c5f9c8f99aa340098ac0

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
8KB

MD5
b6fccadcd4a7d1e03998956255d26307

SHA1
86acb922aaf2c01708981c9444a0a17333953448

SHA256
ec043040e2d47d2b0aeafa4dc15165a4d0c6eee2ccc7c1f1415584f0e60ae929

SHA512
a297165fd079116ad0927f9e29a049753dab5ec4cd3b23456376b6d8125cbd59cca3731b5a9eae106fba4ec0366b8ba7662e8a175ff3281a75946744295cf8b6

Download Submit
/data/user/0/com.a3733.gamebox/databases/bugly_db_-journal

Filesize
8KB

MD5
b181d43bbe1ec17fafe137481d2e701e

SHA1
a483e2b4dce6c3b74791525d845467590a08464f

SHA256
14e28a448996cc5d65798eb509bb2ae2005a0aca1fe44ec546c8e362d339ba08

SHA512
9a0fdb0ab70bdf58cd2283a1f1a94c8cf9e0ea7350d57bd2c50f589507fdff7710d9ef8d7dd3f5e97874202829f716effc6ac4d8388486ba8092ecc460fdd91a

Download Submit
/data/user/0/com.a3733.gamebox/databases/green3733-db

Filesize
76KB

MD5
0fedbe359dfc9c33cc788742b6909dc8

SHA1
54b96af6dc2a428b0585ff5031ce0908324c6b84

SHA256
5267e8fbfe81c95359205cf8beac9e384a09f7f211889a73c52995df8fb300d6

SHA512
861a2b66501096381347bf3a57735980f91315428fb34ca162496cd4e576f0af75aba25749df16a2a4d2e5aa5b4eacf85145c1caecedfbae856c32a4ac481c76

Download Submit
/data/user/0/com.a3733.gamebox/databases/green3733-db-journal

Filesize
28KB

MD5
c9ba44a6b48be6c6904f6c7ad3194e8e

SHA1
4a77e4757dc135dbd1050dcd8a274c81c0989ec4

SHA256
c1d4cee5cfa13b88cf215dd8f489fbe94aa98f631512ea7fda5eeeceb98066c6

SHA512
788aa4ea251641ce4f6e818bde2f0b87bb42c99f05defd703caa0e34e021138501d416db11ebe7a140b3c2dbf00355cda729ca19aaa46904003dc87b9ccd29e0

Download Submit
/data/user/0/com.a3733.gamebox/databases/green3733-db-journal

Filesize
12KB

MD5
5a6da9440812f00f4b84f5f4b3b1b8b3

SHA1
b8af0c8cd7e68d4b46909ab0210cc61c710bc3d9

SHA256
ae0b4203d51ff09d9684ec9a30c2ddd53e9c67ae363613ec5a962fb2c133f636

SHA512
21689a69571961a3f5382ee0e9d6a916b60edf9ff608fccb8f65dd1c720c939e0a45133dff8c39757d62944c129f1f440b915f72fedbeacbd309b8eb6b5fa083

Download Submit
/data/user/0/com.a3733.gamebox/databases/green3733-db-journal

Filesize
12KB

MD5
8ff3be41d516eaa9210763e341b250d7

SHA1
606b1efe41b31caa1f549890f0191d822c173495

SHA256
861af378c72e5557646f30961d66a32ddb6d560e8a490df9e8dc1ec30afe80bc

SHA512
d560ef3ab9b979fdfc4ca07d917a71a0e7ec7442cd99bc31d1c25b4756ed541c1b637c63ec3fd13c3ea7a724338362926c1399ddc6f688d0255454e5e9affbbe

Download Submit