1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2

Analysis

max time kernel
159s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
16-05-2024 01:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2.apk
Size

2.8MB
MD5

83ae44741a62282a0133cbbda73cb65f
SHA1

d2ed103e8aa54981b02eba1bd20039dcc4c3d945
SHA256

1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2
SHA512

f54afbfd1bbd5001dcbb0fc2ed7b52f1da61f31c7938181f5a892a5ff6dd6685bf337f9696381b6625d30fa01335d880477f5c2f1b15dfc21d424b6ddb4936fa
SSDEEP

49152:f/QOZrOHIERZDYQEhuErSdlHdEcHDiwy326P4vUpOspgDAT4cfO0teaHrpyId6J+:3/uDbEhuecHJeiWOspuEl5UasN4

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mycarroll.app

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.mycarroll.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.mycarroll.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.mycarroll.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mycarroll.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mycarroll.app

com.mycarroll.app
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4294
- ping -c 2 -W 10 -v google.com
  2⤵
  PID:4343
- ping -c 2 -W 10 -v google.com
  2⤵
  PID:4439

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mycarroll.app/cache/1

Filesize
30B

MD5
8a0e0e38ca6cb99521cf5b6aabc16546

SHA1
22ba8b27226a44d4e95d958ddb4dd8d778f6ed68

SHA256
ddbe28591faa50935ec4aa1eaf0dad65a35236450711525d6c83104d34173a92

SHA512
7949721cc010b0f20bb7c3af6e704fa3ae0d1af2f46f2a766ce7a3fdcfe4ea0d883f3d37c06707ad7b34ea0f8202f6383c5ceedc90cf31b1b87f8ba62fef6c47

Download Submit
/data/data/com.mycarroll.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
33ef6e4fa77f54ddd1056002ff95671c

SHA1
3afed5471f5f316c9421acceddfc7cb8a1b73ade

SHA256
89640da31916359d575fe943d14e613686e71978a3163b9aff8875cf795a9f32

SHA512
b9fd26fe35e1974b67a45623e2c8bd8615bb1a91d1161b699c1aa4657fb22e0d18b9f4bd13c66d031904c37356d8b49939b8a358595f32241ececbd40a142dea

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4137099bb8c2dd742d81d7916c5ab5ff

SHA1
2e9f141e38fae8668b93c65b5c30aabf91be4a20

SHA256
743483d209ed5f5be4b0dc308a0c975fe156284cdc22cbb045354f424ae471a4

SHA512
6766d9d3bce0e973efc3686af8a22e8c3837626e9b1522f49c2727443eff30d0a215e2afba0c07d7ae8e311a9b216468abfcdbadf70f7862327a18adb6040f40

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
058da6d2478ceb4fb344d6d32e7163ea

SHA1
33c9b7e5c3955d977271fd4fd0ff751eab713469

SHA256
fc7b365e112e31d87e7097d637a61396b6d745669be13db31c73dedd8047a084

SHA512
07ae5863995385e6af3cf2dadf632596b3b442572446e85648cec0eba90555fec0be94d823ffceea4297f8292dd03bbe77608cc6227f3530b781e9e3fd04d929

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
611401579c78a124522f06f0545ee6e7

SHA1
3693490a77894e856094c1b82074e305f45d504e

SHA256
3a3f425c2a45d0a5f861d90083a087ca6b20c310605ae1d69d6b4f8c14ddbbeb

SHA512
aefd2a855ef8ab173963819ff40319a3a72a2362d334f814845d6b3a28ecf8986f4de1e3b3c83b3112d7fc5c34dcbeb6752209bf751a5d8977b3b860ced21603

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6e51f0580a08c55cb6598dee996c9be5

SHA1
225ee2d2dc97eb5e816e7c219c2212f7ac57a835

SHA256
6de59d2460af67b546c95f2ac9d7f38945f3bbfc46645c7f291ecb1dcfe05ace

SHA512
baacdfdef9d5d6abab374878f63d6749862f7f2bee7d27ec859ba2655d21fda76721bed71d1bde0799c332b0ebb6ce317d18c08706e36b04b0c0768fabe89f90

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6085c7f90f80ebbeea3e0a577afeca20

SHA1
0818a39168b70443c940f822fea9149f0d7a740a

SHA256
a28c86a22b34042e58b40df82fee1d152dcdc6a455b295f02a7343cc49a56a28

SHA512
b3c0f7e7ab84ea5c37897747fece2338e1b8c1cbbbeaf6305c40100eaf0d9ed9753be723bcfe62b18c57addafee45a282bef50e81a79951b043f99f1fbdb3a9e

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f3e0cfdd46fbed9ce733b7d4431c6640

SHA1
7e546738ab1db65e4c79bf7adbe5c623a356aae1

SHA256
6db6426478467a7cda29743cd5ad40ad0bffd0584065fdf069b27ef6832d0890

SHA512
0f85779ea91f1287067eea2b6a9a44cadb66d15d9c1688d42948e801bd062aa51904d5269e7b844986a121bd479e1435203ad6d70b5d2da229b7b851e1c4e605

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2b7c189ce20cf85e9513e745f205c9aa

SHA1
af6aa0511d08ece806f6b1a6dee3a565ea703cc9

SHA256
fe2f1572ef5d4279f7456ea221c157470c99bb540030ad21ff20790f3ca9921b

SHA512
5d0885f7ab2b28f90bf4d647fc75f6eb5b0fcc3ba3eedd873b7b937670374d0b7e5082981142a1cc0e4a784ff1ffc68fe1498c486ef5c66a1308bb100950a071

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7f49bb428d46b71ae815509bc201c2ab

SHA1
7f8aaf063d587752ada3be7866fac99794d022dd

SHA256
5e8086b0f90e7c239e12f2a77720091961b14229c1441c9900dd1444469b0e51

SHA512
8311ee8eb7c9b1d68cacc4d92dc67954e9a9bd82114e97f039986246a45eb77d2b5f2513101594ef4e7a026f2621e2cc935b94acdf527e3b5d5ccc5b00756ebb

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4a44c14ace60ce887bdde8bd75557588

SHA1
c3e502e9899ec88553ace10f69d66584a3e42616

SHA256
4af70c24d246515a827502efc2130fd1c9b31b4bd81f233f1b43913f531ecbb1

SHA512
29d83c73ed603a8531ebf0564e1851914ed2455c7fd5b411cf6618938d069ffe39b09d8d1669f030004249966253f1066e29da9318659d43b7369d080e278646

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
39cf5abc36cf09d96c4580024c44d2fb

SHA1
8dfce3ded11a58ffa6eb8e8e002441f973d4ea41

SHA256
a6d2a5182b121b1d6e5b17f400d64e510bdea23eeacc422d3c4cbcdf1183841c

SHA512
4e526daa12158a0afada6c41e914fc3624131a1f36218148e3d9a9d200ef50301846e52244a4d5d0a347355cbcae5ac5dad97bea94259cabe0c2993b4e4479b9

Download Submit
/data/data/com.mycarroll.app/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
75ee7294d88c53309b27a02dae7f676e

SHA1
635c01c3ac7cb418ead73cc14081ef92f522e2a6

SHA256
1e2d474a1922be68a544a0779b8d2e6f0b17a4decf93ef21bd4f3d46079483d3

SHA512
efdaeffdfe837b2bc1b14d7e7030dbb7edd97fb9fa553a02d90e0336a029ca74c8298a2e71e992ee11aa8555734fab5dc3637521db76884948daca4e2dbf2828

Download Submit
/data/data/com.mycarroll.app/files/MessageId

Filesize
1B

MD5
c4ca4238a0b923820dcc509a6f75849b

SHA1
356a192b7913b04c54574d18c28d46e6395428ab

SHA256
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

SHA512
4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Download Submit
/data/data/com.mycarroll.app/files/PersistedInstallation1526369903264478490tmp

Filesize
90B

MD5
15683f2bf9472b17b65939f925bae028

SHA1
c45a749d978a05a2ae485a4afa9c18f4ddd57795

SHA256
46a365707aae4bbf182b9f1f401220e9acfbb577b87c90034c8d7596ec3d3083

SHA512
4ed941471005702a6fe0843c7255375feedfdc34ebac65e32c332a34ed73338414978cc791fa8e8b044b965baedbaebcefe4c494622434e678c876b4bfe9ffb3

Download Submit
/data/data/com.mycarroll.app/files/PersistedInstallation769603698939267176tmp

Filesize
567B

MD5
b55845a407382bd410579b55d14b97c0

SHA1
979ccddebadc579cd52e03b3d4d79fea56911962

SHA256
427d73923096d70d7c90c47e7376eb894830f3c30f35c0c0ffb5d76d62bcde8c

SHA512
ce14cca3893631663c66db7f3f59368d55a9ab6112bcb9044ca86074a12b906e3b5bfb12eef4857ef2f837e65a24bdb87562d6f84e0b846ea4ef4021b877c241

Download Submit
/data/data/com.mycarroll.app/files/port.txt

Filesize
6B

MD5
b143bb9b14c916972f31e4ce92ce9fb3

SHA1
9d365fb5be0934e134cede71eaf6c29e5170f656

SHA256
bab3ce5611fdd6dcb48e24c4a8f7d34e2f0b2eaca95418ce0c26152e8f2a844c

SHA512
89993f29ebad7daee5fe55c460082c86eab646647666d2d6113dbf8c7739bd42425857f539b1c071dba7047c590b4ae11b95b0da2f4de3ab9a95639046453ed2

Download Submit
/data/data/com.mycarroll.app/files/user_code

Filesize
5B

MD5
8bb4cf25f650a89662962a152efbff00

SHA1
cf26a52644a7b28598a852aa82ed163604ba415d

SHA256
3ff96dd3d17f6f84b4e9e82a00d8d3e2e0930950e8fa5d1b546450ea87cc60d5

SHA512
17be9dc202163f233c92a654b72ce93c424bddda537835819bcb4f0ee95e2cff9ade19d7c0059627b5bc4fbca072caa1841f84f482f8b6ddd6c4e2e739b5e048

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads