9b1d0060f0f5b0cb26eb90a50ef3208ea75d137ad1a8aac87e70d354d1dd26e5

Analysis

max time kernel
9s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 12:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FollowBegir02.apk
Size

3.8MB
MD5

5104526aa8ea72e6b87bacce18cd680f
SHA1

8f10eee41f1fd2197974ca4738113b2412209dcc
SHA256

9b1d0060f0f5b0cb26eb90a50ef3208ea75d137ad1a8aac87e70d354d1dd26e5
SHA512

0098c514df9c3c9e0eb78a40cc2649423e3fe3a15252226355e87d8f81c57fb5abda818d3575d425b282f865155a739f440b2fc47ad361e59c4411b899153a3e
SSDEEP

98304:Jc3BLTJTo1JrbecEqENn/R3J2UBTIPD0J/Bml5yJ:JcRLybebBpJ9UD0dt

Score

6^/10

discovery impact

Malware Config

Signatures

Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

service.api.insta

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo service.api.insta
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

Data Encrypted for Impact
T1471

Processes:

service.api.insta

description ioc process

Framework API call javax.crypto.Cipher.doFinal service.api.insta

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	service.api.insta

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	service.api.insta

service.api.insta
1⤵
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4621

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/service.api.insta/cache/com.batch.tmp.52924366-fc20-4b96-94d1-1f665afbf33b.json
Filesize
77B

MD5
0339a29a628767e683b366fb30deb52b

SHA1
75ebee0aec8a4270b38c6d1ce619a0430584c96a

SHA256
e6a969e2c69a21a38a7eb17146f8bd4b80083454927c97e241b0a459574148f5

SHA512
859cc910e0caa1d9371ff0f1f0698c2c23161c6c729f628c2115cf11b8a334e0f2ae303cd38b8c507f21622256a8799f4b2e63bdb84ac8d433fe2c024a0bff6d

Download Submit
/data/user/0/service.api.insta/databases/LocalCampaignsSQLTracker.db
Filesize
24KB

MD5
78dfb71ae220ffa608f09caa1a85920f

SHA1
cb55f39d84d78d4426837c25944ad9d114d0fe4e

SHA256
831c5da06e12d1e9cf69797541d0f0b81f5a2cac69fb883e59c56630d83d1e59

SHA512
397721f0447e4853edd947c3a8b9f2762e8f192ead431c8aa391d499fab6f013a71c8277b40eb6388695b11111b49bef1bfbb1fd8a24b25a0cd19977e36b0c78

Download Submit
/data/user/0/service.api.insta/databases/LocalCampaignsSQLTracker.db-journal
Filesize
512B

MD5
736833a0b86e422f9c5691ee3d62cb63

SHA1
9c36b8f587336ade1685559bab2e2fe158775989

SHA256
b46b03b9099ac7c3921760943061cfc8c08f17feb72ddfcfa0cee21ed7b33144

SHA512
ce57f96ff0d6bf43fcb201b9a2f6e829052be0a51cca5a2d3466ddefc66c32cfb20a0533ee8040618cbea64d4a22eb8e46c40af07e63cb9cea32aa8328a6ec21

Download Submit
/data/user/0/service.api.insta/databases/LocalCampaignsSQLTracker.db-journal
Filesize
8KB

MD5
e9b4c436b267cf3164dd6a6c9fc1fcee

SHA1
3c25a167727acc262eec63e61cf8cf608891900b

SHA256
7e771f99c5ad8e77e285a9dcdfed33c30bacb5a3ff6b845490cd1de0c9e38cb9

SHA512
347925227aec0348276c10ec65dfd5b96a43f6a2333087bc0ce27a8d710ba60d3e87980f7f38d140da1e64b38ebd841d19384122a5ae051760c6f8f2c24e311d

Download Submit
/data/user/0/service.api.insta/databases/LocalCampaignsSQLTracker.db-journal
Filesize
8KB

MD5
a7f605bdd91a66edc6d43f53c77bf67e

SHA1
dca9eeb2d880556921df2b3a08ee352f59085574

SHA256
23fa6d433c5c0054b3388cc1e1ed7e66d66ba651d89d55e93f4ea80fc7aa7ac3

SHA512
087eecfd58a5b4c72bfb5a2c811d818bb23320fe0b533763a8ce42c3834727e05389719d117835db89454d7a2b38aea6458d520a08c825bfc6bcc9520b3f524b

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db
Filesize
20KB

MD5
c920a07b750a60a7f0c9a3d123c9a670

SHA1
906b175ff00852667299321dc770d1a25c4a03a7

SHA256
f38d18b51f7dd05b6438a00957b548b1ed812e0d1b1455286847f5c0acd9bae1

SHA512
b9e74949a5181d1df4f5080b04e78feb73bd48db5a9562eaac768a631adc457ce360833c1a73abfa9f3fd1cff0c1fd719920de9b102094cea975a49be5a9aae4

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
512B

MD5
84a4091f39f9a2028a88e091c1e981bc

SHA1
69975cb97a5b23b395d22ab83300954f11e8e50a

SHA256
721217e8b2d23abd38093c6c376f5f8f782817c9e108a896cf92e778fc94a73b

SHA512
e9a6201a29cddfcfb6ae6a9680f72530c766ffe5d532bf81a10a1a15bb6c7d03bb272aa48c37150750f0d43368b86bd5413fd849dc2b6598b092e74e715b8639

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
8KB

MD5
efe8ee605d0babb3bfc1485b95d2ca46

SHA1
91f5dc0e40ffca922137e9dbd7852c6ea0b9b210

SHA256
c149ff312162aea9f157badd2ad10d2341f24fa3e50d727a9c4b2745ea90c711

SHA512
8557dd3e545943ed60ea5b3b50b377d90c7a1b00696d1118e569be2e6ce4d1fe2a63c103f0dcc6d71a765ed851357cc16c685fa1840a88da6c28fb87abcd44a6

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
8KB

MD5
a4361e6a9f5e654ccccf6c91a1599b2d

SHA1
6f78d62b4c4430b510cfd383449ff88f700f14e6

SHA256
5ea88099511f6826410ca0012524945380f1af70b1b27af5c9fd798b609f0fd1

SHA512
8ade36031db60a0f8224ac7f7d137b38d8c139287582224417ae8882a93545d336a38943e5c79dcb20699e09c74851bacb46b7cacdceeef95e02864913ba1c9c

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
12KB

MD5
5618e0ad59a6b486e3b77dbfd54dd09a

SHA1
c278cecc2e7a957be5128c19e915c742064f10f0

SHA256
abe1431dacbd8d1c42cfd91ae6f0f44babf13a6a40a0340fa9350c6d18722529

SHA512
cf90a2d3f23ad2900b7740435e49869b05a12d6cdde54f57bf92b7804e5ca195e8e81cce444a550b1ff11af233b85446e110a237575f36c105daf3374eef6779

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
8KB

MD5
9dd03da592c5165ec4a168b2d2b0226b

SHA1
6209ed86203945eab2808263b7abf369a969e585

SHA256
dc89a935059a0fdff552136c2ac8cb8803c9d2a354ebf67f53f4b2e288045872

SHA512
3b0c0c8af2c628cb6013d0be28a165c720ee3b635bbcccd025ba73b3af696982ba30cd83838faa8ba177534c14a98ea506dbce8b21660757a097ed3326a37c06

Download Submit
/data/user/0/service.api.insta/databases/ba_tr.db-journal
Filesize
8KB

MD5
9eece8e621f477487839f7f19abb0f6c

SHA1
18fb0324262e8e87f665f217b7b1d110ab9d542d

SHA256
729282e24677817cc29dbeb9f50ed439cc79345c803919d5c7fe83c5050cc12e

SHA512
79b166c6e8558a1fac70765459172daee3c79fa18f614ef336b8d5a25c7e5d8e016eeeff265feb6b3fd2dce82bd71a861cf8b94dd618f4fbd64cf52cf4b047f3

Download Submit
/data/user/0/service.api.insta/databases/i_user_accounts
Filesize
20KB

MD5
09a6926c399a760f83b0de3e7e0da5d5

SHA1
9f05d0887829fdbad70daf7dc4d3324111be8060

SHA256
baa824a3c9c829d19a4d89fe0daac534a97f0a7eebf6ca15d9e12a24b0228e60

SHA512
d9b26a548c91e0cb3e54d997bccb7a01ad951231783dba79b10bf5a9e14c05efd6e29afd3006ec17dee93d69ed7cb6394da9ff96c099f475ff72467190d60bf7

Download Submit
/data/user/0/service.api.insta/databases/i_user_accounts-journal
Filesize
8KB

MD5
bcedf819b571aaf87f9648077e52d52a

SHA1
83908b76f713fb0c5681f78e0ddb2301fa604e92

SHA256
b7c16b43988f4196b9e9b05b77d04a245fd54f58412f22edc1b78c5d2dd6088f

SHA512
baad9c6132c4a894b499ae19dce525a0565539366a38956d0226d0deed05522c99d514612ec04b4c9f2c036c5cb1d5e465782a2d44ce6c8be7a6d329700f1e9b

Download Submit
/data/user/0/service.api.insta/databases/i_user_accounts-journal
Filesize
8KB

MD5
ee7b0aab95f6ae277c1bf379dd9bab2a

SHA1
be41922c9bc3e3d0f0f4781ab66840e0b984aa59

SHA256
450945f63ab3c553ef6f8709ee460aac82b4ef9b502ac9d02226d26549c7b8c5

SHA512
3f00b96f25924bfe6bb577b07d59bb7690339c5032a04acbe87b0ebbd53432ea3454849cd2465023c091ec7ec5f5a2bf4eb2a37c2419eb141a81d4748bfc3aee

Download Submit
/data/user/0/service.api.insta/databases/i_user_accounts-journal
Filesize
512B

MD5
aaf3fd018a8142d871d02dac781d64a0

SHA1
f5bf59af0985729572e81abca88fa46c55ce268d

SHA256
4507ebbbd8e9e62f4315d34b1a35955b6584d57f23e7c0831aa1e37ac8e8410f

SHA512
5a2db598b97b7fa19db2bfc4fe7f51dfccd732c90c80f89f4ac49156951de56457fae5526679011d60b03b0bb8cc63c43955c52ff93c5ce7e8bf7ce92bf46122

Download Submit