Analysis

  • max time kernel
    48s
  • max time network
    52s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
  • submitted
    22-05-2024 05:43

General

  • Target

    base.apk

  • Size

    3.5MB

  • MD5

    193a62dcd89032dff96dcd0c6a756e69

  • SHA1

    104b70fb2f8441ab335cf9cb4fe0e607e2cbb575

  • SHA256

    b1716b11437276c5ed72367862010bd399b382e790d0ec3e77fa51a6c421eb5d

  • SHA512

    751db3f074513ef1ac468ee54130203ba5a61cda79f7f24b73a2e4e665155aab3684d8a82e46b9df550806e3722324872662b5df5684468eb5ce3d75fc850f10

  • SSDEEP

    98304:1OB/VsYoPDoq9sEpoMPtqTuqL7g/sIDatEXhgHNOVB5oTwrLfAV:1OBjkNoItEui8Ce3N8

Malware Config

Signatures

Processes

  • territorial.io
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    PID:4667

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/territorial.io/files/indexUpdated.html

    Filesize

    475KB

  • /data/data/territorial.io/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/data/territorial.io/no_backup/androidx.work.workdb

    Filesize

    4KB

  • /data/data/territorial.io/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/territorial.io/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/territorial.io/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/data/territorial.io/no_backup/androidx.work.workdb-wal

    Filesize

    108KB

  • /data/misc/profiles/cur/0/territorial.io/primary.prof

    Filesize

    930B

  • /data/misc/profiles/cur/0/territorial.io/primary.prof

    Filesize

    3KB
