Overview

overview

10

Static

static

6

upgrade.apk

android-9-x86

7

upgrade.apk

android-10-x64

7

upgrade.apk

android-11-x64

7

childapp.apk

android-9-x86

10

childapp.apk

android-10-x64

10

childapp.apk

android-11-x64

10

Analysis

  • max time kernel
    47s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    21-05-2024 05:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    upgrade.apk

  • Size

    8.6MB

  • MD5

    879341f5413a5c3b7c2ae9cb1dcfd63a

  • SHA1

    09115e34bb0bfe8d649237993f995c5161363c54

  • SHA256

    3cff417e481167c5065842c64f44b070538d993381d8cee8313ad1fd211e8999

  • SHA512

    05ac12cdc81561107a90029eb83a6fbf249ea67beb4c8a282b71046c0438a37e6dfe34d0e95d49e738eb63812631af0a833c6ddecf489eaf407eab749b2c75c9

  • SSDEEP

    196608:/J1eEIs5uMib8n0QKpVHlEmshxNJgYpnnrEjc02:B0Ed5MHmmsZu4nnwI02

Score
7/10
evasionimpact

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 3 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.appd.instll.load
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4284
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.appd.instll.load/app_ded/kQ9qiKvhqbaZvEga52oZSwe8453ZV0wn.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.appd.instll.load/app_ded/oat/x86/kQ9qiKvhqbaZvEga52oZSwe8453ZV0wn.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4310

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.appd.instll.load/app_ded/kQ9qiKvhqbaZvEga52oZSwe8453ZV0wn.dex
    Filesize

    4.6MB

    MD5

    e65bef9966515139314174ea44f7ac8f

    SHA1

    ffc3a9107e89b927a32a87c5ae04c0baecbe89f7

    SHA256

    fa08514b31f976b2459aacfadf6ee390a1cdbf542c3c0d706e0469a134eb7188

    SHA512

    c96f857500e3194335a8e9a89bd91de97415d4f483293f5b972b158f759d53562f6934fb9032045fad6bde82e2525a5fc39c7a4b6006e622b3de16f494a5c0ea

    Download Submit
  • /data/user/0/com.appd.instll.load/app_ded/kQ9qiKvhqbaZvEga52oZSwe8453ZV0wn.dex
    Filesize

    4.6MB

    MD5

    b0ca0bcd8e45b0e4aab6c2eb31bd81a5

    SHA1

    691c9f488be4257d20bbb7d04eb7f59fac564ba5

    SHA256

    ae2cca68e06e89bbeb3125e9f6acbb50b2ba09d97019455cc865555dfadca762

    SHA512

    9a1173a3355341b674778a090d804ae2ff564c1fcd57a3de522bd137f9612c7e21178c0047c637060a2caaf46807c9dd82042d3c5920dee4c142a438c490906e

    Download Submit