Overview

overview

8

Static

static

6

04b4a9000f...39.apk

android-9-x86

8

04b4a9000f...39.apk

android-10-x64

8

04b4a9000f...39.apk

android-11-x64

8

Analysis

  • max time kernel
    179s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    19/05/2024, 22:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    04b4a9000f8935c2cc63b751c6b91f13cf1e796432d32e80ae3c8e474b902f39.apk

  • Size

    933KB

  • MD5

    fc31703b08031ebc2eefec5d70763807

  • SHA1

    6b32a1b35f2cf2bd108e07288390cad70f4b6f37

  • SHA256

    04b4a9000f8935c2cc63b751c6b91f13cf1e796432d32e80ae3c8e474b902f39

  • SHA512

    bb5b2c32d58f0f185ffe271fc2319bf0ce24b78fb39a943b7b5f0d13014c036a8f15f632da2d4c2fa4275cb06baa2ef4165abb52b0c3c2fa964eeabb86334512

  • SSDEEP

    24576:O/Mg/1BUjYiJtWK1Eja6TAqy/6PlS6SpJyS/HZvG:/gNR+t1EjTsGms

Score
8/10
bankerdiscoveryevasion

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs

    Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).

    evasion
  • Requests allowing to install additional applications from unknown sources. 1 TTPs 1 IoCs
    evasion

Processes

  • com.spacex.runner
    1⤵
    • Checks the application is allowed to request package installs through the package installer
    • Requests allowing to install additional applications from unknown sources.
    PID:4535

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.spacex.runner/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
          Filesize

          8B

          MD5

          dc4bf1acdc3846f84fe5b06c0827ddfd

          SHA1

          442e8dcdae998ac27203b6b8f04de3d74626232a

          SHA256

          635daf72074999c88fc21edca8372031fdb5d79a2c6f73eebc3b48c55c12cc25

          SHA512

          d1369cc731a5c944917b0017f2edd3734b45926fe84e593629fb7abc86eb71f30f7e09c625225aa1a2f62ea02ba53c659cbb55ef8ac92e578b9afecaf61d3183

          Download Submit

        • /data/misc/profiles/cur/0/com.spacex.runner/primary.prof
          Filesize

          468B

          MD5

          a904cca0007b564ab23550068b91a4aa

          SHA1

          14d78d938e6a270b7012b272fbc4a8e8e5274b7c

          SHA256

          7f1dfbc2c757dc2e552a905730b78438b82f0b67576b05c970b1b856a35951b2

          SHA512

          3e74c5414f72912d31028b22426eb7689c1daec3d89b0c88fea9ad9561227a73b76f6035961ca81c44ebc0fdc1c3765592118acb5af5515bab7ea4a11cda83a1

          Download Submit