54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9

Analysis

max time kernel
14s
max time network
140s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 02:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9.apk
Size

1.7MB
MD5

edc01a21edd133ad5bc5aa55b3ea69d8
SHA1

ed8fafe6d124ba507a5fce9ff85d2f86fb27d8e1
SHA256

54583791e1d906c2f77b10feec1d842ddb8afebc14f4ceec0483e89fccd194e9
SHA512

634f5d0b1f0feab2664dbdabb98349132f00c1fe2d23081b0eaf6fa6ac2798ba6dd990b673e20604c3f61e5b270be9c6b8ed5b7d136cc25fd90a4f546e4fffbb
SSDEEP

49152:zLs/83DZwPJ9KsCC2VxBTFnovCnWhlvF+LclM2r0:yhPJ9VMxB+v+Wz0Lcy

Score

7^/10

evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

Download New Code at Runtime
T1407

Processes:

com.epasufob.kybavfgt

ioc pid process

/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip 4241 com.epasufob.kybavfgt

ioc	pid	process
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip	4241	com.epasufob.kybavfgt

com.epasufob.kybavfgt
1⤵
- Loads dropped Dex/Jar
PID:4241

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.epasufob.kybavfgt/files/449741.so

Filesize
145KB

MD5
a5840239547e86ff7233c95bf43e3fd1

SHA1
a76f73100e88f790bc4c802f08c3ce94ec11e8a2

SHA256
8d3357f889f5f96aaf4dbdf854fc8585a72dd3830174ca6a108aeec0e067b973

SHA512
efcf40e66faab794a3c88aecc9900f26e060d259902517550228c404a05d9e386d4e95642fb35c4e16285f324e3c9f36a0173e6cc3bb63b96357d1ae05a0f926

Download Submit
/data/data/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip

Filesize
451KB

MD5
b4cffe9e1e850db674b8360c64b57d75

SHA1
f538393f3ae2c14bb6f1f0aa33b0544709fb56d9

SHA256
6c5834655a200497a66f0b7fa6fdccf4a0803e940789c1abb54501148fecf435

SHA512
cf15e56af5234447f1caf357ab8659d70dffd2ef2cae9596d5f510037ba0a00712316db58ff2dd6d8348990176f56d5b5027fc2b4a4123b848602455e451ec56

Download Submit
/data/data/com.epasufob.kybavfgt/logs/Sistema1716344224943.log

Filesize
2KB

MD5
5c0e4465489750fb211fd14791c259d8

SHA1
a5eb65f623131256639e251864ba461e02cd0393

SHA256
23a57803a69d72e98d0b1d8e023f213ec0e7e877bbb8d45c54e15c1e9585289c

SHA512
c00f3775ae2d56e020c544e03b1fd1deebb2b7cef2f453628c38596d07d9c1b4fd51a42604d58ca9d05c5154204b9b025d22c1895b4fd5473df3e66e135c378c

Download Submit
/data/user/0/com.epasufob.kybavfgt/files/dex/5ba6eb5002f180c9.zip

Filesize
1.1MB

MD5
e0d7369df2ea7ecebc70205bfb6edef7

SHA1
2c39cad387047163608aa3a29ae978b7252e6448

SHA256
3f52b585382c52dc33eca0a533a3fae045457fc23a7966958c9379d88b6dd617

SHA512
d6efcf5ffd7708a855fde8a366b15c84272a0e6340c30d2688ae6bd80997f3ec78747b3f10a6ba5bc7bfe3597988f19d54a31c0831bf8923a09d70da9673d7ad

Download Submit