918581b2275bee57ef1fe46920e52e765ec8a27f4103f9f5f8e763fc64885c48

Analysis

max time kernel
172s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 11:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Kipod.apk
Size

10.9MB
MD5

91efe365279c2d9df553879bb602939e
SHA1

86239a7537ab9f4e4eca4c3312a176403dc2aa97
SHA256

918581b2275bee57ef1fe46920e52e765ec8a27f4103f9f5f8e763fc64885c48
SHA512

6f230bc552d3d82ab69e0eb8ac851cbc94997bd216fc86052c3ff0451daee77cfdfc5dd35ea793e569eb9e501b81a25a5ef8aa2d61dec0ce938e58052da96423
SSDEEP

196608:xEK9KyguKOC4hwjAwA1UCcXxfPAbmZdZOZ3IBC6TkaenEnDTq3GNucYIBTH:x79KoTlmj9jxf4S3ZM3+C6QaOEnDe3Gj

Score

8^/10

discovery evasion impact

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 7 IoCs

evasion

T1426

Processes:

com.etick.mobilemancard

ioc	process
/data/local/su	com.etick.mobilemancard
/data/local/xbin/su	com.etick.mobilemancard
/sbin/su	com.etick.mobilemancard
/system/app/Superuser.apk	com.etick.mobilemancard
/system/bin/failsafe/su	com.etick.mobilemancard
/system/bin/su	com.etick.mobilemancard
/data/local/bin/su	com.etick.mobilemancard

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
discovery

T1421

Processes:

com.etick.mobilemancard

description ioc process

Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.etick.mobilemancard
Acquires the wake lock 1 IoCs

Processes:

com.etick.mobilemancard

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.etick.mobilemancard
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.etick.mobilemancard

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.etick.mobilemancard
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.etick.mobilemancard

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.etick.mobilemancard

description	ioc	process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.etick.mobilemancard

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.etick.mobilemancard

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.etick.mobilemancard

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.etick.mobilemancard

com.etick.mobilemancard
1⤵
- Checks if the Android device is rooted.
- Queries information about the current Wi-Fi connection
- Acquires the wake lock
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.etick.mobilemancard/tokenFileDir/tokenFile.cfg
Filesize
163B

MD5
d103bc816249dea90faa00c35bf35e2c

SHA1
52d5ddaaf038dc294f92ebfbcd2a4682bbee43e9

SHA256
23140afaaadf70b6ec366795bcb7e43323475aedfb69722031185304b279a231

SHA512
2f940d6780f51ef5d951e567741098141e27e419429be58274ed269912d64b29a707581323c476b1b2796d2c6d5d6706c112ad548fce877aab94bc705e31cf6c

Download Submit
/data/user/0/com.etick.mobilemancard/databases/com.google.android.datatransport.events
Filesize
32KB

MD5
7daa8bf70cba1177c0aaa35143f5ff54

SHA1
4ddb8e3e373296808fd5a3832a454ea9c0c60b0a

SHA256
f02ded6053bd0f124da16cdf40849fb201797ddfac5536ab36e1feceb21564a3

SHA512
7178eae8e99b2f8b571bd333a3c6916bd088c96dc2c6d5b074ac388e58a345de6a82daceb39994019cbdc5c2d4065912eb0c52787ec50d9e1f746ba92bcee22f

Download Submit
/data/user/0/com.etick.mobilemancard/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
2db4a3bad985ccb25d8e146e8a25ae55

SHA1
fa8b2ec1d440120cb0ed949d57ceba9cb9c81b5b

SHA256
06b7db3e009885fc67385ede6a74626e8c27448bcdde9d1cd683a174ae4c5c62

SHA512
c160e7a87c6343b40602f03672bd9d45b7a3a40bacfedd2571e32a531434aec7f9a77967ccbad28eab5ef3bdbaf13a9727dac347120ce315c3075549ab5fad73

Download Submit
/data/user/0/com.etick.mobilemancard/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
679c160fc7c3dd099d9e21d130d48f9c

SHA1
85c600934cd28b891ec63c3900e27218add2adbc

SHA256
1d18d8dcfe251bb275e745ec254daaf0d9637f8d0b3150557995cd0be5b7e232

SHA512
a7d082a7e1ca6b58f2544765a66f6fc868de93102484792f867cacb35e11b57691115736194524156bd92fbfbddb1ae09dd63fa743d7131ba7ee70c8dd470548

Download Submit
/data/user/0/com.etick.mobilemancard/databases/com.google.android.datatransport.events-journal
Filesize
8KB

MD5
773a8765d12ceeb954364e32f33128ba

SHA1
29bb7b9f0a5948b9f586871b52d397932ecaade9

SHA256
ea3fe81a901f8bcc6b3e61212d5704abca2ffad5bb7a10907e5f46e2c5f4ed8e

SHA512
427b583f7b7d5078dfaaf92cfb64029a31111aab16ee47b005397d68c6140d20825a2250a2de833eca481a53722d3b6df9563e682b97d1f918db7807884d5e5c

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
0d12d36d349b6ce5ac0c447dca863403

SHA1
dbc7af5eb0750dca656bc061616bbfe1cb3f7f3a

SHA256
9ba3a8d575f3d9b854fac8ce1d7b29e1d89bbd4d2edbe9f314818ac6809c251e

SHA512
185336a84a0ea5d99fae2dc5f41de507981533864a5af292a77f7c7b5c2e37c6d977cde52640bdcd38f17ed14e06450c3350e00c756cb824dbf960d1b8f3c31f

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7835ae869559da7f9c5edd9ad8e347ec

SHA1
7b2a7122d915783ad8be28ed7f14370a6b451ef2

SHA256
8b27bd9eff2133c10c8dea6677064e7f72c08fb09aca5fba258df8c345700dc1

SHA512
55e9e07bfdc7cdc6440eaadbf5370f67f6a76570d233986ca81f4a5225921c37e7666ba939f4e1be44a6f3b758927ea5f71d9e99e3aa52d4a0bf23098ca9cbc2

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
942dcb8446301706a85bd7ff60416185

SHA1
7f32fb1d193cd92ed09ee7f7a75c49f130bb4cca

SHA256
f5e8835cd78f430f0adb2691ee4e2c8e428c3f6d1340407613cadafb6f59e4c8

SHA512
5586ca503d908509547a1e4ad83205c8c2c0d53c67258519dafde8a75543ab3b4036e9faa2d1cf0fa4ed3890761261230008019d4d68b27f8bc3cb0ec17e0c65

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d207f1104a5664f84c8ae768b8e68994

SHA1
da6e26cb5f39325a467d62de1d5c3f6c69ba5f7d

SHA256
a6f3d8e423664544e00a9fa669c5a517f6ac42e09803fd06918512bc707c3530

SHA512
8a0b40541a50d797cb8272c19cfbeadf85ed2ae3d53a4dd468fc8c113169227b480889e92beacc538ce2f1907bc6a2904768ccc772c3d86fa86165bf1f97d1e0

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db
Filesize
16KB

MD5
d3c15143db71a8e0d9010bd12e37b99c

SHA1
36746ccfb82035d454b2e8c86ca3f96d4bf003cf

SHA256
9505098dd43b235ea13f6cb66e165582c717d70eec1319350f0059cffddd83bd

SHA512
97a1d5c1a0a88bc96d90d8553ab5d894c12cf56fbff8e7ec3a93514a820f6c078b52ed96eee2f26b8009402972df4d0e6622111e1c8f2a9d1f81136f2184c107

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
e33c3d3732454025945aaf25080a81c7

SHA1
cac0a21b27509059911acbf00425bcbb5c502f0c

SHA256
cb9e80edbb19eb0c3aa23e7f83938f8db43cacfb12954687e71e64d657a78fe7

SHA512
b35f30c3c432293b596646920b95295673485a90bedd5c915c2f67daf0cd18e038847dccd7da77e5d7b0748a2f281e65d3ea5e4d533429c4d07f963b05e6fdf5

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
43f3360eb68f2c5fd3a3e5b356db1d56

SHA1
efe0f7f18bcb503b39afe0ece78167eed99d46fe

SHA256
a806104a8903a49da853c0dc6d47adfd898b4cf4a0acd1872728fc738760c6a4

SHA512
14ec6574b6a1fc64606941dd2cbc6174b2642ca209a849d16816ade7aca932e8b51a9d887f4b16bcfa52e0c907a0f13d9a63ed0c355cab2040295e22335577fd

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
623420a5eac3488f7297298014387910

SHA1
27ff5b1c5dae48bd6cc24b791863b6c88c534439

SHA256
ff0d1ced332303deedd1c84a9af7bc7489cde95bb3746c33ccb74a531037ec55

SHA512
60c3839820bb2a7ca6171eef9cd35ee4fe43958fc1a4718ba59a0a69b8141343ccbd3a04465033c2c4ec4f8352688ec62bfacc10c1a7757b5e5592e7ac1f43fd

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
84285737576c899c6e5f6a85c39acf18

SHA1
ef83140d59a2643d2290d71ffaed90ae51f4e1af

SHA256
2bc0164c8fbfa23cb5ff035df282b52692ec94dc623c4f698d5a45a17fc1df41

SHA512
efd3469c6c832c53ae8c76d76c222a6241ebf0e106ed0a6cfa1bee4037271eb22cce16ae5b1a1e067631e912656fe06932e5f380e8c7b4bd56dd8b34286d3a75

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
80441dd52daefb081bbea78c2ba6e0ef

SHA1
2f9d8fd9d4ff9da7ae322c2df86f733d5bb946c4

SHA256
d2e3cda9cf47245e8de1edea151b107e41ea8ca6e6736b73ce51aac6dc73ae96

SHA512
af4676c4ac5a7ed36f1b8d31750368cd9e6e736bb7b261b80380337de4946c801a39b37617fcc8b7a40008b430b4646edf3f08600662f643bc554cf233a471ed

Download Submit
/data/user/0/com.etick.mobilemancard/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
2ca10f491e84653690dc27af358d4ed1

SHA1
5b23f9199dabe71da78ef9a80a55b09990bc4350

SHA256
2f9a76695be5337813eb3565be1b7aa8395025ee1d75b90c75b1318c20149c90

SHA512
fb7ddf2b3877c9444b5714bee9d71ab4d7681523e31b738a405d1cf371acdb27d4fd91c9ce70dd9b20943319ddadf572cdd447ee202fc0566746dd844aa07eb7

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk
Filesize
36KB

MD5
c2a37f54338a86b2a54cedc36907a3f3

SHA1
a2b9fba105a8701a022525ee721f1cc8d51de4ea

SHA256
f64d84ba182bb65128c0f4b39c9d3aa7e48e1353c3f69346df47f26493c432c1

SHA512
940d5a336aa30d3dd82d256fa13b1b90c249f893ecb186c474d240a0ed4704fc5ddee873833228e4be049bfb374a9d3a8f29bb9f3fd32c23862d903ab2c25f55

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
12KB

MD5
713ca79e96378342cfcfdcb5693599db

SHA1
5aacf4e9789bfee72dad4097d716ec7a80587713

SHA256
f775f1325d4ec8330abe2a8b5d06aefafacb1101fc0e212eb10f331321c95947

SHA512
eeddac30c52498ef483e90a658b83ede9c34d4b7a740e8d671652372955fc3cd3bb71d189b5de537538370f06bfd7142820f38738769a4c4f34911f8a0e92a46

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
12KB

MD5
3ed1f14d1718555ce6aa2b52d242a8a2

SHA1
a762e7a455f030a0b66c4dcefb515febf2fb72ac

SHA256
fe67105bb616448edd15fa7f8b8b3f2486723b3b46654eb16920201b2f95a081

SHA512
cffe9398455661d834cb3f2022096beea309d199328a4324d1b7d7934fdf246f9316147a7d1873bba9506c9ce60a0062e76a5bfa5976daeab4d633c788533a16

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
12KB

MD5
d4b6497e799f6e9abd4f832d76d609a7

SHA1
b6317a85071e393920270cd40162951ad2faf4ea

SHA256
bf6ca188f054914894a7ed8cf4abe3695a1dd3f106118a35abd8d587b1bc3358

SHA512
462dcd8f7570e741b05da83a6d62686792395ce46c5ae87cc854c94def9caa4632b55b7ac123738254084fb8160751f2e2cd086a20ef2e3d765d2dc69bc165b0

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
512B

MD5
7f589b3df8779f0bbf23908530a47658

SHA1
a95a4937bf5c8333afc53191e0db1a44174f0e3f

SHA256
de387ed2cee12558af0a93b4355b7dc8316d7fe6564ffcd05c59339bee3bcd0b

SHA512
9619b2cc089e702eaacef46f6042d9d9bfa2492cb10f377177a9ff619e418f42ca8df9edc13d04f57cb0bfbde0f52acd497d9a4b63d3926dc2f502a70792423b

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
8KB

MD5
fe054a49309ed8f824ef168fc51b4f46

SHA1
2c009963d48e944318c8a711609381204cfb5edd

SHA256
6d8d0f99c41e4a6206b630dd9fe4798653e77a1651e23c7b17be4e706099488d

SHA512
3ddc391ea31a1ff7f6ad2ab09c57d60de55cb06e24132b82da0ea831b7949f93acf5803349027ad00f75db04c14c890b4d8d98676c514d6ae56a2b355daf188f

Download Submit
/data/user/0/com.etick.mobilemancard/databases/ir.metrix.sdk-journal
Filesize
8KB

MD5
60fbae480e8ad60161c9b2b7daa4d5d7

SHA1
756e8f31beff7eff658f4dcce43bfafa30f57c52

SHA256
7ae9dfb3961ed5f1ca853e43cd37cf7832250255d85d5607ed7bf3ca8cbee0e1

SHA512
4decef684d4c3541cd00898720125e2c23f8c8459cedfc6d2f21b1b5770a8d218cf796687a8a8a345e9f57ee3d8cfc22ddf0470117ed8e3854460ef506bbbaec

Download Submit
/data/user/0/com.etick.mobilemancard/files/PersistedInstallation7919326195516800142tmp
Filesize
90B

MD5
0976fd8e16b52103c95007f51d5f7fd9

SHA1
1fbfa6e00091dd553d2c45cb6a32725b815432b0

SHA256
57c38a5547f5fdd95fbecfb3d6eb7dedef7a70e81b130d3b4b0511e4719f1c08

SHA512
c1d896db3ccc7c3152415f8fd002bbb902eb9a12aa01a70df28e101164bc3a866303fa22c9060d1b74ebc328d73c733199ff5f43f02b0dd8962cc7d5bb41d767

Download Submit
/data/user/0/com.etick.mobilemancard/files/PersistedInstallation8457806975850986913tmp
Filesize
561B

MD5
5860a03dd7b4ba13bfc82fbbae0bf338

SHA1
d2658a9402b3167ab116eb9cc08d9eaa388b5eaf

SHA256
8618f786e15b6fbfa031ef276a52c37a2d26deab6a3b09b87afd8a23a98a7c34

SHA512
bcb797e6d4f9fd4c42c0925bcac608a98681d5f15f2fb38e1f95f0726dcb00da5567c0ac917a3c445c7f07eccc16f91e21bc7851cafe97f6b4c8f51531a13e25

Download Submit