1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2

Analysis

max time kernel
4s
max time network
144s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
15-05-2024 21:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

83ae44741a62282a0133cbbda73cb65f
SHA1

d2ed103e8aa54981b02eba1bd20039dcc4c3d945
SHA256

1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2
SHA512

f54afbfd1bbd5001dcbb0fc2ed7b52f1da61f31c7938181f5a892a5ff6dd6685bf337f9696381b6625d30fa01335d880477f5c2f1b15dfc21d424b6ddb4936fa
SSDEEP

49152:f/QOZrOHIERZDYQEhuErSdlHdEcHDiwy326P4vUpOspgDAT4cfO0teaHrpyId6J+:3/uDbEhuecHJeiWOspuEl5UasN4

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mycarroll.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mycarroll.app

com.mycarroll.app
1⤵
- Acquires the wake lock
- Checks if the internet connection is available
PID:4309

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mycarroll.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.mycarroll.app/files/PersistedInstallation4602034540091940447tmp

Filesize
90B

MD5
22a8d963ae417a3b6a33dca42ab4bc37

SHA1
70c49eac6de4cfec6b30a5e2161bb5a11887eff7

SHA256
48adb0e979469474e042c295dbf4d34dfcd9f387649c7189a217496eeca15afd

SHA512
5f422b3c759cb0de64bf304105ba6dd3cc988bfe7fb2aae3efebb4daf3d1949cd63d85d1c6025121b48c06588c0ec195105323fa3545ce0bd4bc520013d33761

Download Submit
/data/data/com.mycarroll.app/files/PersistedInstallation6168216280106235365tmp

Filesize
568B

MD5
928223248db972e32835a18f5bd8d090

SHA1
302ff9ddc7f29d7aae8e3f82803afc449a2fa7b3

SHA256
31ac47c5c857228b283db955e56a917e48bd808527e854a28895fceaaa2366ab

SHA512
d9aff4b3d5218bbbd1aacfb9fd012f8e2faddb76df7fb0e95a2661ffd4d79c0adca4f6b49f29c23164e3e1950793e1ecc14b1151b67fe7a53860b927d2e4af65

Download Submit
/data/data/com.mycarroll.app/files/port.txt

Filesize
6B

MD5
b143bb9b14c916972f31e4ce92ce9fb3

SHA1
9d365fb5be0934e134cede71eaf6c29e5170f656

SHA256
bab3ce5611fdd6dcb48e24c4a8f7d34e2f0b2eaca95418ce0c26152e8f2a844c

SHA512
89993f29ebad7daee5fe55c460082c86eab646647666d2d6113dbf8c7739bd42425857f539b1c071dba7047c590b4ae11b95b0da2f4de3ab9a95639046453ed2

Download Submit