b79dceb65824ac7c9fcb3c11b9a009d6934ad0da5dba4c4550f8e7110c628faa

Analysis

max time kernel
6s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
19-05-2024 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b79dceb65824ac7c9fcb3c11b9a009d6934ad0da5dba4c4550f8e7110c628faa.apk
Size

3.1MB
MD5

42c5a855abe66a1b833889d4820754e7
SHA1

20c1e64accd4e2ed6791beffbc2e0d0fc525b911
SHA256

b79dceb65824ac7c9fcb3c11b9a009d6934ad0da5dba4c4550f8e7110c628faa
SHA512

ccae3c8fd113b70517e673f204faedf3662295da10d2565739a6ee3ad464613dd06458800eca7c043090ac47eb26944040891688b413cd5de2f5920dab152490
SSDEEP

49152:UthZD5+Km1uUKmCNP2I1qG71IgT41ptesLNXcnyUCPFgyivE9N5Hl:0/MuUqPt71Iggte8bWvE9N5Hl

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 6 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/year.gardens.runoff/[email protected]	4264	year.gardens.runoff
/data/user/0/year.gardens.runoff/[email protected]!classes2.dex	4264	year.gardens.runoff
/data/user/0/year.gardens.runoff/[email protected]!classes3.dex	4264	year.gardens.runoff
/data/user/0/year.gardens.runoff/[email protected]	4264	year.gardens.runoff
/data/user/0/year.gardens.runoff/[email protected]	4264	year.gardens.runoff
/data/user/0/year.gardens.runoff/[email protected]	4264	year.gardens.runoff

year.gardens.runoff
1⤵
- Loads dropped Dex/Jar
PID:4264

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/year.gardens.runoff/.jiagu/libjiaguv2.so

Filesize
277KB

MD5
ac7c38994ccae5da411d9dfac19be51b

SHA1
3b30612a7f9f3bcc65dbf0445ee91f25e55392a9

SHA256
d242f9fd458c1da022e2bd8b967f167e5e35c460cd27d035aadf55bfa83c6738

SHA512
08a10496349960ea7403f698e7e451291d362bc7e2b1a8eb8348745d947500af732af8d87a96f0884b668272e3eedb7f84e6d01081114fbbd46d0357fc12c9fb

Download Submit
/data/user/0/year.gardens.runoff/[email protected]

Filesize
745KB

MD5
89860c25da085b5a266562e9d5fd7761

SHA1
4e5b4a5f8a29f52bd489e22d50f2a71a5e3e2d71

SHA256
e4198c79cc2bd74ee8cf43649de9fe228d5435d9ac8a1545a32a6d7e4d033a71

SHA512
efd2deff46ae0fc77c336eb654b6287c90ff2d4139d435e90c59a2d8bfc02cb5a456a992ec44becd9485e51bba1804d7bcf391038906104ff836192fd3f5eec2

Download Submit
/data/user/0/year.gardens.runoff/[email protected]!classes2.dex

Filesize
739KB

MD5
d17194a894e95043107e35302a4e1860

SHA1
0940c7af3447a3bb68476a04ca261971362382b4

SHA256
313cb7e466eddf07bd5ba686758cd160f79efb9a508ff09afa9678f6e156f8f8

SHA512
e39349be907443c2a956e2bdee03e25fae7ee03fbc166b5a4277275e9e31ef702cc081527021a14f9557b35ff6b3e176f0339e53ee0471cfbd814a801b723767

Download Submit
/data/user/0/year.gardens.runoff/[email protected]!classes3.dex

Filesize
675KB

MD5
8b7df5f44d439452fe1ac959959b198f

SHA1
84c7c5a17011c9c897a11efac0de2405c1f72c83

SHA256
8b88a94f98c691d3d6430dc67fcfc56d408506fa569cbc59e15c65808b2c29f7

SHA512
926ab38d714c832fd39755b5350950ab6df0f950dd063b0c02be4e57c4b10c3459c775a636a576e3f0ec6355100524584714985bbac3e4c4d447ea6a12b95ccd

Download Submit
/data/user/0/year.gardens.runoff/oat/x86_64/[email protected]

Filesize
48KB

MD5
bb7350ebd4941fc5a59af7f4b7b12d72

SHA1
8d153c8866110ddeb72d3ae14af44fc1463c850c

SHA256
a9bfff1c94253c816ee5bda23fc3a206383d45f72787886e91cdcc91e91b8071

SHA512
02b0122c33146663679c282979ff0f9ccaaa3ca25f2ca091ed1cd7d279686556ec6b4e579e9ab7241e56268abb0937fefbf2b517891c849128f2395d2f19db4e

Download Submit