5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b

Analysis

max time kernel
155s
max time network
196s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22/05/2024, 08:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Hoda TV NEW.apk
Size

17.0MB
MD5

c53693d288c5f5891d2a51290834d56a
SHA1

a86ca601046258565d0e26bcf5c57a781b208be0
SHA256

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b
SHA512

8bc659d6b1f00460c2d243a7403d23dab5f777d22c63915b9cc1a9d817e67e71028c58b53eec8fc0f8a25843f5bab4c0e8b43a172b8ca5ebfcb5a44ba253b80e
SSDEEP

393216:IveEHRFEKvZeGb1pJXYXpNp45O78QUFw5N:m9vEKv4U1pJXgPr2i5N

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.houdatv.app

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.houdatv.app

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/product/framework/com.google.android.maps.jar	5271	com.houdatv.app
/product/framework/com.google.android.maps.jar	5271	com.houdatv.app

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.houdatv.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.houdatv.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.houdatv.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.houdatv.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.houdatv.app

com.houdatv.app
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5271

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c46e75899b256ce5040a56a20d88d77c

SHA1
4d21d8a5eb18f2336463e84783a57ddfc78f8bf6

SHA256
46a77490a0c2beb4f848c8042c354b672ade7d310fa93d7d267d547bed811c0b

SHA512
d89c5cbb7eca80358adc19a9ab89cd40d9dda3e82090c8555e8411f7ee685f9848f782a11266ef053eb8085c0651443e21ab015971d2351d6d974b50ffdf921d

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
61ab3253ac6906f989a44d7a5b73327a

SHA1
eab96dbf081b6629de389255f7a81bea1fad3a2e

SHA256
1fd8af4684d9a4fed8997125df977775178db47afe6295f6c16346dfb2222163

SHA512
d829c9ec13c47ae619b1a59574164c02e1c396a0b6beb3ec8ccef0cb4687cfff35de31143155cec666b5e3d017a8eafd8378ea5e96af8b14bd1ec6876a13c4af

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
12d8dee762d37b6c15af3e03b95c4f50

SHA1
fcab345ad8b224e9059f55751dbc05260280d2ba

SHA256
79f08752fc77163e6499e9210864bb074bb860bedcb2c3cb1d06c77f4168eaee

SHA512
2a1612085a2139093a6b82385454f8440a9b67c28c11a3ebc013a814a56685694a6b72b245f560c04736f16463ea9e91895e26d61e83b02fb8e95dc15b3112ea

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0ded7d5ff93b5cf7454b23264c052806

SHA1
bb6c025116d510313235828ef37ed33333397001

SHA256
025df99387cbfd25a7904f61b8a650d531c5aa1ab7fd6fd64954c5f29eac4db6

SHA512
2824e9c45dbb1e8be59c43e5a977e0d3bc45b2e1271c3f69ba3d2da91b6f3264e9cdd02a86bf9ebefd91e50c727b75d75b024b59268dbb24d48cf52d81eac683

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b4c59234a08136df65bf497ba1692921

SHA1
560f87b1c906e4a13cc60661d6e0554b51cebe6a

SHA256
be34d3e03eadb6a499cdb77f3e40edca3da5938b5baddc50a259cf1e0829b714

SHA512
bd8ab4e7a84326a193fa3fa73d197f6f94449618804c9db522ee36094322d06e268792772eb4c84c00b3bbe1b6bb2e8f00dcdcc594011a52dc849b8bca81d428

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
cc421893303d0e2aecb910698a23cb79

SHA1
0f0476db31457974b0dab0e9c74908a9ddb9b435

SHA256
36652b04130d4ccd8c831aad1077c02bff33b3c62938158ff0b3f5e332f28558

SHA512
4689f6dbcd14e74965d7739b9b04c36237661278a9e693eec8f2cabfcde269f13c129e0b1f1d9e4380a9d826052aa0fa5ed53a1f8d3d66b03a3b7ec9ecbeedae

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e7fa4634665e298f6c812fc832ac6c72

SHA1
57db5f2d1b66487edb2c1039671bbc7152e08b4d

SHA256
3f6910e826e6d21094f1670d3bcd61a27a54885d86b0cea67dcad5d5e547e193

SHA512
d425e5e8b353daae9899247f2936973614dec30dde817ea3b183b97e891eb39715fe80acefb110314dbff1db8461689f32caa260f87415fb746f07dd7fae523d

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d863dc35a2f2d13a4b25ed49a59adb65

SHA1
bfad13ed2049f581bfce05147aa50ba85b47df39

SHA256
41104af47784c4850cd1e7e12d40e036760f1425c75a72c57c953262ff97ed70

SHA512
ab08a53d0b058f95715e82c63aa3d571cdcb2b8c0d1cd1521f15e31ae69cb2778111c9a3e2ee3737e8f3bf4c246e11f2a4523e8a25792237d77b4a1a269b3914

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b33268c9eae1302c5bafcd695104b1e7

SHA1
99f9d19cc6b99d6c49823f0872c907a2d9e0e5df

SHA256
e4dfb20bd9750d2571aeb3e36fdde62cc8894cb420c08a04eb08b2933cf238f0

SHA512
684fb84f262373300faddf8b540c79ae1a68c1a6d59db681d53c2ae9e0b667cf476eee84c42bcaaba471fdb4f080c5d484b0432792cf9054974a605a7ef77763

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
439084f96dd9ca9eec30f28b31e3b214

SHA1
2b6e1a2a89bf598443109fc80c885c653a2c3e45

SHA256
0fb24d00995472c2a267637d25d815d37041adac7cf968dcda75848a4f5406e6

SHA512
abb87125052c44b99670b3540e14e065526c93b30c22eef37aa756f2a8fa8688198bd44c11fc1438b4350063fb0d0ec35e194a76be9e134bcf3d93e512227fb0

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
64a2088b61d3218862e560895e466783

SHA1
9b7fabbb8c5ab81717668569d3919cb1260223a9

SHA256
647daf8b85b77557173e0645de5b28a6bc34abce7a590ab85ee9c1355ae9237f

SHA512
ea73fdb1e5a5beecc371866d44a547d86c6fe40bb50f93c37125d752926b493b2955c246950636dbda91c45fd7254661b95f1d51bad5d280f0873e341558c816

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation2927871787819418990tmp

Filesize
79B

MD5
9c7df430c805a254797ba73746807994

SHA1
4e64e5926adc283cd43ec171c482a9d7ce5dd9b2

SHA256
89c56f38c14e5fd103af565f67461ced016d7b4547b74437f54e09a568265d66

SHA512
eaff8b811b77b460421eb6cfec42c4670c02c434e087559a2795a38648f43c89537927f4cee68d7b560a08be08b3d3a21586030375f3ef0e03b954a10679281d

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation797293311657728142tmp

Filesize
561B

MD5
3f6774b654c8964e33acc145ca27fd6c

SHA1
046b4f876b51c2c8d16428165e4a1a596802abbd

SHA256
2c5a2597c9ca72da639e94be15281111c523f79c0c936ceab6d6cbe4798b6faf

SHA512
66bcefcd2c0085924188f328a54848205d127e0069c18b758d6fdb7d89a390d3a3c563e9adc35c8f57d425a829e4921db06b8c215e2105eadbaa84f1e916a3d4

Download Submit
/data/data/com.houdatv.app/files/font

Filesize
149KB

MD5
62027b7aa5859e5ecdf9a09a5ee7cdac

SHA1
91e36b6ef56ff61b29ddc8ff9a57ee1b0cb84cd2

SHA256
33413ebb0ff003b260a3ed3f9c6c327c0ca5f15b89a04fea1dfc73ce8e306952

SHA512
e8a09e9fb32db04a5a3b58bd47f8eafefa5e0dfb1cf9289f6bc0fe543337b13676f5700dcfb86fe277fba4179fc2febb34825b471c735ab357330eee8d642731

Download Submit
/data/data/com.houdatv.app/files/ico_share

Filesize
1KB

MD5
9769e88e084bee48eac8c479b429a556

SHA1
8bd33f69407f65bdc02453562a356bb51f581f56

SHA256
003772e5bb3502eaad74c39dcc197ab9009d9c0f0b679487b83b8c55eacf2332

SHA512
d8164f54fbadfa95d785519c622cdf5d9affac22eff67acc352dcf00266bd5407e9e2fea01d158d59a1e71744a0b28609d75763489f7b4a13fd54a09f489ebb5

Download Submit
/data/data/com.houdatv.app/files/splash

Filesize
99B

MD5
3be54e276c1ac41c4a0618f1df4e4ad4

SHA1
ba0c04e100e92a18a9d31c1da59d77e861d6055c

SHA256
be5d3cf6c8cddef930d412bc15d8af24ba654ca0961d6659b57ca7554866326e

SHA512
e1cf440871316ae3aa76e06821f49b06cc2429f4493317ba812a1cc52a335dbc7452815235cb5c625158c44dfccc5ce74de0543be7c6edac1a4bfc372639e30a

Download Submit
/data/data/com.houdatv.app/files/vinebre_ac.txt

Filesize
19B

MD5
159d3622a62dc5a41ce8302fd5393326

SHA1
4574da55e48acc26bf4efef2fe79817afb8b344d

SHA256
208ca89086526714f3758aacb1fcc14ea9b6ae7f70b01f48d9223a92c0a9b171

SHA512
ab4fa6ee4c0655a3b54fe3c89256944ba7a386f3507e89c5959ad6f03bfa2324cebdd4f5bcfc3f07a1015bd8ff8f2d7c258f07fb2b5e39a19cc780df43c2acc2

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
4d5ce448eee419facc56823e15bd9ed6

SHA1
e497e56068b249fe7bc19037dc67d5c7d6d19a2d

SHA256
e0b4bd8a53ebf7ee3e6c1acc3af0f3c69b71e2cbf147c1f4ac0445dd70c0f379

SHA512
d40a34ee313054ebd4d756b144d2a034546519f91eb0e30182c8dffd15fdaa7a0f4ce12a2516b02f8921ec598d06f10bfdc50da036806523829b5d74d2a4e3af

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
3d5798e04b0b877d89d5cf775c8e91cc

SHA1
1569bea7f0531469dbb3ed21bc1f9df4a1ea76bd

SHA256
5ded7a89df341caad4a6e92a6b993e6a1dc6407c3637476d625924871dd50f1b

SHA512
22164515c74880a71e2fe6bcb5767343ecd0f792b9d4f350b3a018722bb11370baea550cdae207e5d7bf18abddac157c3b832ce587c300c85219dfd57ea58caf

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
d2b33bd04bd262e96fa077a888769376

SHA1
e51ed88e3dbd5fc320c1dfc36d469b44164c5a84

SHA256
5aef3991ff50df69b41f42311a2bc27811e3b18cd9ab6856f7419f5affa21231

SHA512
c9e47cd95c3b704863c20c1627f6f62226ed33850d6103ce721be569f52729b6d953c1fd91893b539465c16c3b53cbb76eddff5f88ffe4de78fcf20c0f445081

Download Submit
/data/data/com.houdatv.app/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
10e9678bd6c97d778f5526732fcc5fc2

SHA1
38075b55f113cd44a2424b7134759968e3974e7f

SHA256
4b37f8a398e7ba27398d4c4d729fb43cccef584be086f633d7b3ade165711ab9

SHA512
5a560c303f45fe49ae0edd01492c7b0ba4e5b881b938acb49258262ec14e758abdf6597d752125c98870c634fc24418a66bf3fb3fb07361f7b5ab47b52176504

Download Submit
/product/framework/com.google.android.maps.jar

Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads