443f401d2bd82f5f4f10e9236e89a096c0d78de056650e354bad68cccca4f05e

Analysis

max time kernel
10s
max time network
257s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
14/05/2024, 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CapCut-pro-v11.9.0-capcpro.com (1).apk
Size

240.3MB
MD5

241c51b7d95fc85997cd3e8c5fa10362
SHA1

dc3bd90a49d79bbd0c7019c00c6c8955b045b6a1
SHA256

443f401d2bd82f5f4f10e9236e89a096c0d78de056650e354bad68cccca4f05e
SHA512

cae142f7477ed9d5dc33c860521964a7b08e1ea4fb9af7f0235dcf05a7df6e1a563301fb56404d707bf10563480729e260a23f869606e289b53d7321cb6ef1c6
SSDEEP

6291456:JSeJ+fqz9mxQtEg/A4K4h0VGzmGMpV/GWAhljj3gXdIK:oeBzsxQtE8Ac+VG1MpVu9e

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.lemon.lvoverseas/[email protected]	4630	com.lemon.lvoverseas

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.lemon.lvoverseas

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.lemon.lvoverseas

com.lemon.lvoverseas
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
PID:4630

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
3ac37fbd7ac1579f4464915cfcb03538

SHA1
24fcc6bc3c1952d55e2faf821a50dd889e02f13c

SHA256
a4d4ec6bd1bcc76f45763dacafc44e90189a700b413949a575aded400237e382

SHA512
d537315c141ec6a23eb05bc16999c5e0736e8072a16a7e015ef57bb919a24081073584d7d7b49f59acd3c1fc8db13a68ece72f781a114d3d089f313b055398a2

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
f8ecad01f6b87383ebf4a060fe724e2a

SHA1
209cfe96cb22d982118db6bfbbb22dad18f9a5e8

SHA256
c185f56171a20bc6d52ffcdd0c58fabf5ed35c5eeacd9f04398b49fc978491a4

SHA512
636ced6c217b14b86b7bc40265fa166224adbbb1ab95e75b4669853a96efa1c9ce8212cb0db4c3ba997eb0bce2487efa882e1ab600a0eddabc3400e7917f4f21

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
e897e55ecb9dc939118e3690267ccc10

SHA1
78dc08fd797a8cb21af2d7ff8e17c00020d6648a

SHA256
45715e4e3e1bd3921d5930f46be061e253eded3883c1fe2b66dadb46958f812d

SHA512
78f81a1bf39e726eddb6f8abea8040571c1c20aa16a0eb78152ece979abed417042bc86fdc93c6ffaf06294459bad4cbc50d6a492dbcd6defbb0d60a234d38cd

Download Submit
/data/data/com.lemon.lvoverseas/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
91d704d654c86fcab09a2709e1a1b850

SHA1
8357ecc710088007b13e1aadd9cb489eb38d01e4

SHA256
1fd0c17e0aeabed5e17954fa815557357ec3c921c7acde27e586d2989d847b55

SHA512
716ae7484c2f1a51fb7ccdee26d03b9c7948148a5bd1eb5d24cc09f3d140f7b14dc462c70703a175435f593abd7fc89844e656c40aa2a4c62d30c25cb3e791cf

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
6df72eb0a24bfad2445e1ba527f99a03

SHA1
11ecaaeaea1d0eb7946711bad6faed26034ab1c0

SHA256
e993b62511011da716e574eb1286ba8c4c02cf88d1ff1031fd5b2b7ea2b936fd

SHA512
6838d518921d97ac501e702ef82612fee068523bd72f9ce26a18e75c72cb199ac8a57fa3279f6a901dd3fa124996534e5365013c1ad4ca269bded1dbb1fd1ca0

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.lemon.lvoverseas/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
e091ea190f29efbc0cff415170fddd34

SHA1
d874c7c11af9d7e71535b7f680f0699c3b82d7eb

SHA256
5de6830af7ab4bd3ffacb39b1cfac41998a550b613c062efec8e421c80f44c87

SHA512
d5ff8410186d8fd002799dede0fdd0368b7c728fb275879c3ae62f0ff59fdfbcdea0d6dfdd8988d40f847d963dce2ea26044ec4300525c4913a323fb7a7eb4a8

Download Submit
/data/data/com.lemon.lvoverseas/oat/x86_64/[email protected]

Filesize
3KB

MD5
4b2325c09645b864ad67fa82f21772fb

SHA1
b9180706528c8edb82daf0fb291639b56f9f099d

SHA256
6e05e3a240578efc63b5b8142691d31d6e2434a89bcabccd8e642d144441025f

SHA512
54c6ac7bea9ac076507cc877d4ea4a04b0a8ec66f3c591dbc85bdfd0ffa457b7e7418ad8e4685cbdc2ae671928c0e7c6754746d2e273ae013e7c1b34a943bb2c

Download Submit
/data/user/0/com.lemon.lvoverseas/[email protected]

Filesize
2.9MB

MD5
520a71d314ca50619eac765afd2909b4

SHA1
7ed7c3e07dc44497b5be3c0634eab52a153d9f67

SHA256
38823558b60ff7c993a41c74cc2e47c48932d773d0cf3ac9f608d2a89040b7bb

SHA512
409c471a5856616e4401fed4a2a581f1a5779d79fccb4abee5259a347317bcca4f3404808504ae08c9ab515173b08c8e960cf3af833c9a4e80f3e53a2096adc6

Download Submit