5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b

Analysis

max time kernel
160s
max time network
193s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 08:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Hoda TV NEW.apk
Size

17.0MB
MD5

c53693d288c5f5891d2a51290834d56a
SHA1

a86ca601046258565d0e26bcf5c57a781b208be0
SHA256

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b
SHA512

8bc659d6b1f00460c2d243a7403d23dab5f777d22c63915b9cc1a9d817e67e71028c58b53eec8fc0f8a25843f5bab4c0e8b43a172b8ca5ebfcb5a44ba253b80e
SSDEEP

393216:IveEHRFEKvZeGb1pJXYXpNp45O78QUFw5N:m9vEKv4U1pJXgPr2i5N

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/cpuinfo com.houdatv.app
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/meminfo com.houdatv.app
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.houdatv.app

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.houdatv.app
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.houdatv.app

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.houdatv.app
Acquires the wake lock 1 IoCs

Processes:

com.houdatv.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.houdatv.app
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.houdatv.app

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.houdatv.app

description	ioc	process
File opened for read	/proc/cpuinfo	com.houdatv.app

description	ioc	process
File opened for read	/proc/meminfo	com.houdatv.app

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.houdatv.app

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.houdatv.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.houdatv.app

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.houdatv.app

com.houdatv.app
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4305

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
499bf9b0e6fbc02950be687e4ce3b1e9

SHA1
e033164d0c9c48697dfc3614e7cf74013ed4d492

SHA256
f1f75a70abcdfc9bb79f16ad65e6d6d09be87bd7797a6cc5c19a25e1c5bcecdc

SHA512
05fd529baa068b2390fd0c535b087432ca2358360f3969ed43d710ee4c1cccb4c1314e2aeac97affc1c8d1f75551f8c219308e82f1820700c0a6ae431af41a27

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
5bcce84ff04f8e62c97e0968b26f6183

SHA1
217c25d1138da0c59fcd73f79b3b571570043be5

SHA256
2188fbb0d479becdc34bedbe5127fe6ffa0df3b975e541a6c9250a22f597e9e0

SHA512
953e86e6298364e9053cd01ad41c54c5fead1af2eee301aace44fbe91aefba92837170526e08479e63ca26741cce4ca15138f00cbdb0d97388f532cc67d32dae

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
17d19e4dae8554414d3db9babc20eab8

SHA1
87b28951ab89fb147e41df5c77e0c01594dc04d5

SHA256
c80b87017be4cffbf79c45ec57603ab2e1e14dd24204ee249bc52c13cd684cc7

SHA512
299188cb9c219ee127c4f1a798a981c3dd34580eab3cb43fbffbb5fc23ed3670927cf34b72ae8ec86e759348567945d1301974d5f80db5b4e086ce3cf5b2a71f

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
c871f60aca62b8617ce05ba2afee0a62

SHA1
201e11a3886799cb12fddd8a48dc517089e5c3c3

SHA256
284895d1cbedec1729a253e72e7ae45a55b0f11b41342ca62088ffe6d67031ab

SHA512
776fcc3d0bbf2eca83210830311e7508da1b65a23b2df5b75bf4361f16a41d2dc978270ec29cc54ea60c6e1f06df915c29842fea16fafa7ee01ddfdaa1e02cc4

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
3d99a96f8bcaa0b7da2c95b2222266a0

SHA1
fde1ddc0bfe55296213674da57bd0e5e42558951

SHA256
3f6e9cd5276ffda5ce846a5098c17acd0dae90932d5c78b4f62c6c3a1fdb74e2

SHA512
aa3491749fe151e6b8039c8d542e8ed7350a381a232142ebc97090badf100ecf0e02c9812771de7a7b8c4366a931466df7d4e3f9fd1c485ba3c92406070ca314

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
08b7072e5217804599317554a077e07e

SHA1
7377f24a7b472f50a4262814fd16a7ecbd81943f

SHA256
c328d5e2cc60c825fb5062ef9f671a600b8e24b1d10d7655cb0454b51e6c0aa8

SHA512
3f5f4095fb82a22aeaa87f8da34e109af86515456fcedce2e56d718841843ef53d0f3f387abd475898d3e821ca379a1a9cbaa1a4b87e8c15e2f162a0407594f6

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
f823a47e97cf03c3d0ab1c04e17e86fe

SHA1
d1b3ec937b91807fa033a1def9e1d2fc5f320c11

SHA256
f431d1f722693c85601e212702bc569f5f8044ba59f168cafa53a05fedc7cbf8

SHA512
35437601206fe3e8fd0d002c5d9a556566f38eb0a4c6c222ea18b1c8bedf16ad3e4029a0d90b78a703456ed41429807b47f8f43a971ffed796595dd54cf63072

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
f65a06d53335dfd60a359d795bd043a8

SHA1
646164613a3036013335073979bfd9563bec5b10

SHA256
6ad1833dd768ac3826114252a817618636a87157da312c2a70330aa513101c20

SHA512
d5f7c9d861de6fe12a2808a23feb9653f02d09a4c96e887fb1ab20d443a5d568029ed4a21a6ad32c639073c894f7c05678de1a06a39e846adf8948e7e4129d32

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
9623303ff50ea22bc37cc90675786a4a

SHA1
76d83ad63bcad1f0dbb509b9663a7a3a78800eff

SHA256
c81eab14e707e689f8b59832ebfc245fcb0235f911b43115091958b2e77ad39d

SHA512
d56318d30a18726ae357db98acab92fda488d7b3c5454c9203e43e2f42de9d95f0b036a0ea4387bbd163e480e148315bae615619934634dd61a5c5646abb506a

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
61f4d1e5798583d3a1b605d7c2290ac3

SHA1
514682a234f609fe7c2abd8511c29e1f6ba2b72b

SHA256
9ae9227e7499f72e149a4095eddb8544fc6f9ab46438c50c2a8a1a801e452502

SHA512
c57755e6ae3abeb614e785b603d11b3d34af9eca83d547dd9ddd4e68acd74d0d060149f727ce15e0c42ae7530f08383f1bf29ace3289134eae82760d3569c5a6

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
90d56a5be6ec66da1f90bb15cda406d7

SHA1
a2e158fd50251c3952fa8ced64067e204fc0a6bd

SHA256
198b3a6e4ca44f768f0850fad1c45a487f3d97cb6edbdf6a2687eab99957c937

SHA512
9549c6e2e1d8a07f3cf41db87d2e6d9270bb1069a1356d05b822ed0f91fad49fa571dbbcd4ba24ad86a2d35038aa59cff75cb07c277e558f33705287271f7566

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
3f996a5f2ad592905d2085a6cf5b2a7c

SHA1
00f96c0c9612130669d8d3dbec6b6f9631e89b8f

SHA256
d6934530c5f18a56beb21a71e261b5f3795486438ab96bd451a959ffdd732a6d

SHA512
b64e8a0df1ad5be3a81bc4f84035a7cc86bca0165218f98fe38f027e6889700be91b633889926d450ae84cc1b3dbfba62a1604b3c1fcd9906db9892c4a4e16e2

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation146112741131025927tmp
Filesize
79B

MD5
dfe6870127001af8308ff16a23db0cfb

SHA1
85f700124e9697213022a6dc8e8857a921965944

SHA256
18a1bab43603fce8cf611c3d42835953d629445768233f6ed5737b7be017ec10

SHA512
aa4a23e753bf7ba49eb791a886b59341d2ab1ec0960aec81171f5b4d5f9f1eb437035ec064397c8a65fd24a78afe674ec4809908cb660abb4f7325d594a27945

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation3235323646126407314tmp
Filesize
561B

MD5
976328f3454c103bcc23b47fffd34da1

SHA1
828aa40ca85848a31b0ead2452bc6f7bc2b5c3b5

SHA256
c39bcd875f33dd188ed53139f4abbf4bf3c51700bf78e444eac7dd7ff5f6650e

SHA512
f0317a60f4358139aa649216740964bc625aea7b5e5dfd511428cb51cd680ceaf282adb22810e88380b21bf657dd4fe043231696c9007c6c06af7472fe857499

Download Submit
/data/data/com.houdatv.app/files/font
Filesize
149KB

MD5
62027b7aa5859e5ecdf9a09a5ee7cdac

SHA1
91e36b6ef56ff61b29ddc8ff9a57ee1b0cb84cd2

SHA256
33413ebb0ff003b260a3ed3f9c6c327c0ca5f15b89a04fea1dfc73ce8e306952

SHA512
e8a09e9fb32db04a5a3b58bd47f8eafefa5e0dfb1cf9289f6bc0fe543337b13676f5700dcfb86fe277fba4179fc2febb34825b471c735ab357330eee8d642731

Download Submit
/data/data/com.houdatv.app/files/ico_share
Filesize
1KB

MD5
0eae458ed1d8d82ce5a8bc928b7cf2a5

SHA1
14cc1c11188c08019572784d5efc733f2b47bfd9

SHA256
129d1099fd8af34e7ab77b852bdbe981667a04db6ad01e455d0c7b5de894bbe0

SHA512
4629b7f2339bd71dd429b8e6fcd51ae1015d12a09e1e963ee4529b034b85739379321cf5315d48fbf34fe9b133ed5b36d8a3d4231aabffe3d3924f4a7ab48115

Download Submit
/data/data/com.houdatv.app/files/splash
Filesize
86B

MD5
29617f24b987ee71e30d61b85b3ce724

SHA1
67933da59449bdf537e26790486acb0246ac1df8

SHA256
7ce78e46a0340f336b19b46c5ae401650bd9ef87073dc096b22d8f523c8e9ca3

SHA512
72eeb8bc60eb2ac8acfff9b54840e551177075eced4f685e24a3100e835510a629b3d6d1091a1b492b5fb0fce0beb2822f68bf4bbe4a75612bba0e16ffc1f732

Download Submit
/data/data/com.houdatv.app/files/vinebre_ac.txt
Filesize
19B

MD5
3f3bef23274e12ec2a5257ee8ba50e43

SHA1
b8cc746995d328d25090a7b967d095e0b2f14aa8

SHA256
697f1b0ac4cb4a2ebddd86a29d4807d22f0a7f1d04981603d90b74370d6acb0b

SHA512
5cd110a09b13f49c29a769bc71cbb4f44251e6b8ec66bb44bc53a9266ed7f27028953cd7bcb8ae76837a81fb7ac2f8aebdfa86b62924c2bdb35a6bebd955a808

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
c2215620671255d51166945dfc5f3614

SHA1
ce58222f28c92f87cc39c36b0e628b65276f5126

SHA256
6e9fb8f171498195b64bc3ea197bb3ebfe92ca6ab50da557335a71d05ff77146

SHA512
9e7c1d8344794b86c692e62a8bd9c0ea12227307d7cd72a8da6a6d92929b6a2b4e8bb2117437b8c29eaed2a53d312b4f062748f71ac7823fa48179b7e3986ec5

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
0ea67de238a790870525abd99261aac2

SHA1
93b9f42a5a779d0977636114b6c4fba269a13737

SHA256
6aab1a0c583bb876e1ff90143643f121e4c4e1270d8981ac6a35cc161ad13633

SHA512
1a80cce012698174576d75069bd602bb61b7c3f55ec47a267509b884f138efbeb1b70690095b25f9ce4119cd71884e6b1ba3ad8cd1523715e291c2fd289df19b

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
59fd93393ff85ea9c65c6f565598d9ae

SHA1
566cdc44588b886108fcfedeed66f9c84be18d95

SHA256
4763c757bdf7f7639058edacc521187df7492d449f342f2b6f01ec73356e74cd

SHA512
188c817b6ecf9a0d6201b42759886ba2a2c913fbadc4079cf98cf1296403af520f6edb0527b364c95547845e225b45634a2df2abc41e525e8908141df6e861e1

Download Submit
/data/data/com.houdatv.app/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
470b045b3ec8e193407169aa197a7aeb

SHA1
6bac76d963d26b475f32b78549bd9aadc673c9f8

SHA256
e82687c1304717d4eac3e92f1431fe9c31b5f4512eea1e01de2ef3a18558c0c6

SHA512
ba860afa7cd8a75d517a5573cadd635c72c42e16d7ffb4347e29f55732480b523e1364276b4df65c7957550489ce268854a2d7225371d8a19c19b0ff6e32ed06

Download Submit