5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b

Analysis

max time kernel
179s
max time network
185s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 08:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Hoda TV NEW.apk
Size

17.0MB
MD5

c53693d288c5f5891d2a51290834d56a
SHA1

a86ca601046258565d0e26bcf5c57a781b208be0
SHA256

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b
SHA512

8bc659d6b1f00460c2d243a7403d23dab5f777d22c63915b9cc1a9d817e67e71028c58b53eec8fc0f8a25843f5bab4c0e8b43a172b8ca5ebfcb5a44ba253b80e
SSDEEP

393216:IveEHRFEKvZeGb1pJXYXpNp45O78QUFw5N:m9vEKv4U1pJXgPr2i5N

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/cpuinfo com.houdatv.app
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/meminfo com.houdatv.app
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.houdatv.app

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.houdatv.app
Acquires the wake lock 1 IoCs

Processes:

com.houdatv.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.houdatv.app
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

com.houdatv.app

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.houdatv.app

description	ioc	process
File opened for read	/proc/cpuinfo	com.houdatv.app

description	ioc	process
File opened for read	/proc/meminfo	com.houdatv.app

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.houdatv.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.houdatv.app

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.houdatv.app

com.houdatv.app
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4632

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
aa57e3ced9be4d715bb02bd3904750f1

SHA1
e0fdd5c6f8b3263c198eac9b83c07b09a9217425

SHA256
a386f1dae500dcb888a82d132da4cc9b1b4f3c6ad809978945de88492b92ca40

SHA512
77ca09df9868905a2d1eb73675461da305e12e4990b4d83fde9693208b67707865b67940c432005987eeae9c60c0a664dac7aa532e5b3cfb9aa3454a7d33ea09

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
c3da0e7887a9a2545b9883a1e35ce5b0

SHA1
20fc743f7cff0e9b424fa2f618c0a970f1ff4310

SHA256
f14b253f233de7fbe3702bf77278c80c29dfce22523a6611584261818d3d5104

SHA512
8fabd2380418cef193f74a12e2135b6d7e0c991723b0f70d0c423f85b8977e249bf751c8f267027eebb1198eab03f3d82eb14f6d48bd76a07e781f445fe5f561

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
38a8a8684294ee1f4b1c323cf40d88eb

SHA1
50b82ba65be13bf4d84f82ffa838f2d1242f0794

SHA256
49bfd09046f914484721a09fb1721e8bb38dde09d39f9fbe99043ffd53c8be0d

SHA512
24a61b0732cede0a91ba25a05aa8fd994bbeedea1790c352b699f6c93a2845c59c91c89b62ff5bdf20c3515c02727958ca61155ca85dccc18d833b087d10648a

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d529c50b20eb13d051ef7cb1a302f42e

SHA1
e198f9c4d6c97dc930ff6530681ba9c674f722d0

SHA256
35cfa2d54e9a0823a5f387aadfdc7db01000e4a9b69806b5ef9e3b31c3eceb6a

SHA512
81057bc2eceb2f906c13833b36504b216c7ce9292f0a2ccb7f1804790849f8ff5c245db4cfba7593ea042abb93960c970ba148b77b6646ebb9d7eac16248a949

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
75430622a43555d46553fbb88893335c

SHA1
dd99b14798fe149b598cfd897f74d09e2b789f9f

SHA256
a2e2aafd8db8ab0f85c84e10b27abd126383e444068b4f33361f901622e92df1

SHA512
fd7f1793eeb0fe851da22285434f3c34c686893364867190b1cdd66a8ad801ca04ee374a5d0a05795c764dc371875d6d9abf4d068f6765da1985b13424ff7219

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
dc7c2c3de60e21c87cf2f5e7d64c9c57

SHA1
87f1eb737a301e4bf49851e5b8f0a6fe813d1887

SHA256
57e67d60d1fc9a992d1a18b2c3ec9f463b605860169c2aeaeecbd0bcaf0b2368

SHA512
aefd66017a5547d464c1abc7558d6aae81c788d7a298c3ab44831721afe55013c0129adaa4ecc27e8918b7a2b99b6842c3f82113fb0ab839d179f015d6cb498d

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
65d26622c33d8415c756cd95dfa0b132

SHA1
6adc51d9e19a89a637f22491e36e78e83f1e14ef

SHA256
9205c79448bc065da1331250b14b6a3a334161d73b010f73af6922e0ed61a2e6

SHA512
ec0e5c4e91f0905479f7a14ef58cf15938f353d79e0ec7ab6dc129e0c54d4fd69178d58d5b54f5c6705085cc5df76c1c610a9f8de227a16df0ec292a9f75210a

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
cbbab4f3a8aac605e6d919316a3a6a00

SHA1
c4f2818a27659c63ce32a41137b62d888b630beb

SHA256
0c730a169b5a06e3cdcde513d98c08093f17775a5a2a8be2bbb2aa242037ef3f

SHA512
f8a11953249493bf651837f6e4e68f9304b4fcb98938bed173125bc182e9b3c298940f63dabaa1c1447fbe0aac6fe07cb23988630a584e12af839abb02c5be5f

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
6d2e63d8c7635e89cb11f5df42f7e8eb

SHA1
02427372ad718845241c45c07fcd02336b675db9

SHA256
dc75dbc351a5b6c9cf8482f270d2928961f26f52d1f353ea05fecf323e313a5c

SHA512
7980e4996612b5265ed3843bb61e4c8dd0ef9a352426c8bc12c3b94a5402813df2d7877196850c52d9171d032a43106e599b85a2c1d91fbc2a8a9b51fb2166ba

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
12067de5cbc6446775983de65fa3157b

SHA1
b957b702d7559e94d60ccfdfc3d81c773322bdd6

SHA256
6815bfc4fdb581963b454b2adefebcf29cc5dbd66ba1b9eb79f78f5eb4a4470c

SHA512
3e6f5f70d28096b795a506732034e310a7b0e291ae96c800524b663b798c8f573dbf81cbb1c02837b62fc9c14de6e3ce5b875c943c5b137fd4b0022fc8f7a852

Download Submit
/data/user/0/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
8ffcd9d2554f038c64311b3ce2cd574c

SHA1
bf7fd8058f6be9d98846d1cf3ffa3f0ca0caa1b8

SHA256
1e56d589efaec9ff21430f5aa2fffa1e33722ab20283a2c81958a7136e84cd00

SHA512
c3b1d6711d05c43cc01adb8cefe4f7f6e7c3ad319640271635cb50fef840e9d76f5af36e0fb8524c11d5185276ba686b42e2c9e808c55055a55594c95c1b581c

Download Submit
/data/user/0/com.houdatv.app/files/PersistedInstallation1046980665300924631tmp
Filesize
79B

MD5
9e3dcd0a4443d6b52fdbea939f057c0b

SHA1
d623341aede52827eedc95f2b82e192521def8d7

SHA256
9c377937411a540d398563ed4ac9c56a8e313374316ee2a9ac2d913ccee30c1b

SHA512
499837e60bd912927693857a5fe046df0fa89e211410c968c736963b7aa531d76e1d138bd002f609031c49929c20a5c75a2f01bddbf1bf111de72373e27bcc41

Download Submit
/data/user/0/com.houdatv.app/files/PersistedInstallation1333176649690050906tmp
Filesize
561B

MD5
2de31eab7bc1cbe72a41c87ca75881c9

SHA1
497f748eed42e1533de7931733b8d717c5d123cc

SHA256
9f47f9a90db2cb853158d6fb0d379b5d63663be6ab6168a0bb42d4f55d49e9ca

SHA512
b756d9fa39feecd4307cbe2a05f4160d778c72b9de4b64559e2857b279154ef86fe6182e00c05b58ba99efd787a0c8f2de4586825f7a0e3282beb6d084c4a458

Download Submit
/data/user/0/com.houdatv.app/files/font
Filesize
149KB

MD5
62027b7aa5859e5ecdf9a09a5ee7cdac

SHA1
91e36b6ef56ff61b29ddc8ff9a57ee1b0cb84cd2

SHA256
33413ebb0ff003b260a3ed3f9c6c327c0ca5f15b89a04fea1dfc73ce8e306952

SHA512
e8a09e9fb32db04a5a3b58bd47f8eafefa5e0dfb1cf9289f6bc0fe543337b13676f5700dcfb86fe277fba4179fc2febb34825b471c735ab357330eee8d642731

Download Submit
/data/user/0/com.houdatv.app/files/ico_share
Filesize
1KB

MD5
9769e88e084bee48eac8c479b429a556

SHA1
8bd33f69407f65bdc02453562a356bb51f581f56

SHA256
003772e5bb3502eaad74c39dcc197ab9009d9c0f0b679487b83b8c55eacf2332

SHA512
d8164f54fbadfa95d785519c622cdf5d9affac22eff67acc352dcf00266bd5407e9e2fea01d158d59a1e71744a0b28609d75763489f7b4a13fd54a09f489ebb5

Download Submit
/data/user/0/com.houdatv.app/files/splash
Filesize
99B

MD5
3be54e276c1ac41c4a0618f1df4e4ad4

SHA1
ba0c04e100e92a18a9d31c1da59d77e861d6055c

SHA256
be5d3cf6c8cddef930d412bc15d8af24ba654ca0961d6659b57ca7554866326e

SHA512
e1cf440871316ae3aa76e06821f49b06cc2429f4493317ba812a1cc52a335dbc7452815235cb5c625158c44dfccc5ce74de0543be7c6edac1a4bfc372639e30a

Download Submit
/data/user/0/com.houdatv.app/files/vinebre_ac.txt
Filesize
19B

MD5
8674cfb072b499b26d4e480b3a57f477

SHA1
87047716c5e50219fa4ded280f2d066fe2c59b80

SHA256
afafbcdd2f973c55a951d030804e1eb0aeffede480fa471b0bcfebdb84c94fed

SHA512
4ab1e482ecd40cbb6a0ef3c274b9db8435af3848772a2027f9afa61ac5c9c197120f40838316bdead8f2ee4e57caade3cda5bf74af08cff1998e85e43a5b6529

Download Submit
/data/user/0/com.houdatv.app/no_backup/androidx.work.workdb
Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/user/0/com.houdatv.app/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
8aa361559be1cac73491e576a15a3558

SHA1
bdad5d0eaf6a79563aad27f9f634cda3d5cbdfc9

SHA256
f91c04b8720d84452ceaf02db957be46c680154f2f1650d0a9c9442e9192d785

SHA512
15d728d1129e31c218e01196c8ef370871985df255281f86cc28a9d08c5d8223d5b101852cc7da97bde1936634724e26fa4e8542e452b1adc61a997616cc77c0

Download Submit
/data/user/0/com.houdatv.app/no_backup/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/user/0/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
757b95457c0bd6f02ff5b0a217774e82

SHA1
663d74e5aad3ab1321e94ac69e3c846f7cbeb25c

SHA256
d2577353d0a2b59047330505f082d591267a322b82a16f06066354f08a6b3820

SHA512
a35a45963878aff29e006a076804ec45d437fcb194868c64a8d511121dfe101bc6640711cb8a01415d88e2ab311790c50141d8bd82bbb8c459352922343d1822

Download Submit
/data/user/0/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
39aaf5ca95f0b40b2e769f087a4bc5af

SHA1
6fc99360c4d7e524a3610baa3e59bc21d1eeb9e9

SHA256
ee4dd66572514afe4c2eabf9b4191c411caecf899d389ad77d66af25b88e897e

SHA512
341da103af4cef06281d585f55d8059d897728843df13120b8d8fccf204440184aafe6db6424c7ea212db1ab189ec26c6f6e258067a2a4cd1fef7816b25ad86b

Download Submit
/data/user/0/com.houdatv.app/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
3c354edf1eb0b1fa4679ada2321c2d37

SHA1
ebfe6656ead8648e0acac7f8bda704cfb9d07a34

SHA256
551e786c6abff18d27dbd5005a01d812bc68963442e28c7c9cab7fca9885583b

SHA512
052d0b2d226a999c590d956e4634a7e8e6884c3d923942dcb3b90e48b9201819c8a48b2dbac70d76e9dec8e263f7d7fc8f1e318bef2a8a05f3c2c354bd63cc4c

Download Submit