9aaab216f4a485006475dfab6e275b3a8ba9adb2439a3d7baadd14abc72c921d

Analysis

max time kernel
155s
max time network
167s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 12:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

honeygain_app.apk
Size

8.2MB
MD5

ed3a52f98dee0e529b4df3cd6505bd02
SHA1

8b358b1484693575364f95803b39e3ffd9ab62b5
SHA256

9aaab216f4a485006475dfab6e275b3a8ba9adb2439a3d7baadd14abc72c921d
SHA512

11688bf82de60ffae79ff14b05a39894b1703e4c579bace3c713c8dce98b037df3cac0b2adea0819ca20dd6e6f3fdf5e5366ae205a116a54ac9322724d37ba87
SSDEEP

196608:WQorOi96XSiHqs3i3jQct4P34JyWBpUKIBLvFl:WHQqHjQHoJyWnOb/

Score

8^/10

discovery evasion execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

com.honeygain.make.money

ioc process

/system/app/Superuser.apk com.honeygain.make.money
/sbin/su com.honeygain.make.money
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.honeygain.make.money

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.honeygain.make.money
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.honeygain.make.money

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.honeygain.make.money
Acquires the wake lock 1 IoCs

Processes:

com.honeygain.make.money

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.honeygain.make.money
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.honeygain.make.money

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.honeygain.make.money
Reads information about phone network operator. 1 TTPs
discovery

T1422
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

com.honeygain.make.money

description ioc process

Framework service call android.app.job.IJobScheduler.schedule com.honeygain.make.money
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
evasion

T1628.002

Processes:

com.honeygain.make.money

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.honeygain.make.money

ioc	process
/system/app/Superuser.apk	com.honeygain.make.money
/sbin/su	com.honeygain.make.money

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.honeygain.make.money

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.honeygain.make.money

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.honeygain.make.money

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.honeygain.make.money

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	com.honeygain.make.money

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.honeygain.make.money

com.honeygain.make.money
1⤵
- Checks if the Android device is rooted.
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Listens for changes in the sensor environment (might be used to detect emulation)
PID:4277

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.honeygain.make.money/cache/7d9f47fb28c3c8fcb9cdeb2f0c4a33ec.0.tmp
Filesize
6KB

MD5
e3e5816595d31141aed7eb0647f4213c

SHA1
0fe05a8e76aad76e68216bf0467d227f59af5d53

SHA256
2560abb3ec4c54638353e3e27132d90b842a5b04dce942931f667081fbc963a1

SHA512
9cecb75124def25621f3c5355526312814aa0058b3c21915bd325bb2c340f166a9760bbb6636df1685ada2865f3bf056940ea91839e680887da5822916341dc4

Download Submit
/data/data/com.honeygain.make.money/cache/7d9f47fb28c3c8fcb9cdeb2f0c4a33ec.1.tmp
Filesize
621B

MD5
34855cce4483dbfda18ff335c46ac67b

SHA1
77569ed8410c79fc69d8b88612521d19c8fee369

SHA256
b16062e686ee191b4fe6a3fe21db27537a9927ccb863fd84ccd7243155b8e970

SHA512
4bdbac4bf3679e16936e28a6b52b33136e59a85cf05f580c468e3b4e7f77f73d271c65c7d1ede1ea08c00fd296ee41ceb0dfb94e2623dd42ec377b074a7cc618

Download Submit
/data/data/com.honeygain.make.money/cache/journal
Filesize
123B

MD5
9bc6c74d2fe6d8ea0101425cedcf036b

SHA1
3a1bd2a2dcb52ec2561f176f3f2b2cdabab82062

SHA256
386c2c288e8a205a451d274a55b31c20413191e2998080c1d5190b1d1738d305

SHA512
1083d1ccf93c11ed77ab60b019b54ec81541de3b023731b8993542b46b25072c23000e1e13891dbe6e6093134edc0a4a768508c6dcf2c3caebb7a52675fe72e6

Download Submit
/data/data/com.honeygain.make.money/cache/journal.tmp
Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.honeygain.make.money/cache/sentry/e9dcf26a139bd3091e36ec8a2b6c408da3b2c29a/90cadf6a-7b19-47e2-80ff-5b36fe33caaa.envelope
Filesize
1KB

MD5
62534952eda2e6e590e509c52e51c924

SHA1
9169927e46eba6271053c599f40c818eeadb98cc

SHA256
a75508ae25d817a1e7f00993bf727b73a96209962b112c5fb1fe4f70c89c175d

SHA512
0a11fd0de5f69a880d415a0e5d460f8eb6afa375e33cd8ebf492642e932eb14a351c9430dbcc82b4489d3dfb6190c4903606ecacfd69978343f609308b4d72ac

Download Submit
/data/data/com.honeygain.make.money/cache/sentry/e9dcf26a139bd3091e36ec8a2b6c408da3b2c29a/session.json
Filesize
291B

MD5
4f05583bf2fac946948e88a3cba4d254

SHA1
aa95ba0587e7e06105daaaeacdb135ec4054fed9

SHA256
a59b4677cff65b7ef9870852210324d81b763145152425c36bda2bcc98254699

SHA512
f4839b27951f4f488081cdff14efa832ce369cb3e7ca77c92ae6868a5cb58ba87bab7008dad8caba55461f5c32aee69f7aca80a9461ad93f4434bcea2eaa4a63

Download Submit
/data/data/com.honeygain.make.money/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.honeygain.make.money/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
ca15d06bea4d8ff11ebdd694c30bb07a

SHA1
3799e97c88b7768f1c966147a508da4242a05a86

SHA256
6094da8110b63131a400a62d9216fbce12248526cffb37874b6cb50a228fe2a1

SHA512
ea196826d64055be3e785557756fa28daf313baddb776c11527da5c8085c8e010b7461ec50437269a942fd805dbf05e772f32b959d0ae1ca7861211f86ab5fa4

Download Submit
/data/data/com.honeygain.make.money/databases/com.google.android.datatransport.events-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.honeygain.make.money/databases/com.google.android.datatransport.events-wal
Filesize
354KB

MD5
d957c1c90b20d8a88b48033dbb6e47bf

SHA1
085ef44c5bb3ba7d0492858fff0a22915b0948de

SHA256
bc0f8c35e34b986abadf6b18fa8492252595ffa523a206c98a0311ef23335316

SHA512
4dead68351ad4ee7a5c2d0de1a546fdfde5cadcfd20139c60151db6b22abc744c63ff9318183970776ec553e23cca0c9842b29baa7a354913e10e384a17f060f

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
42671ddd0176aef02b3999d840103c4a

SHA1
93d374114974ab70e18cce635878bb48012f2b96

SHA256
ec7c0a34817e9170cdfae5048c514b19006eb35e5f8c6ee4f4eb891c9db15f8e

SHA512
12f93ee4751a2d1c5e4ecf6b47fd9b83d87f6cf15b3374784530ff98910a7a65923af9cd99a29e1e6349b136494211790625784ba1ac6a780c26080d424a7fdd

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
8c76d83bd25c33355436821bd130fc63

SHA1
d69438d08629f5faf54e7f93076965e75c86dd46

SHA256
a36e2a08e54d7d170f24ef7ddda7d9d0a30e936d362a6c66f6e1a6e94ffef8c5

SHA512
8ad7236a45cca1d80e3aa354a1b9b90abf88bd774141108ba983a9ad2ec5a707b9507c1315d16859e7ac0070e603571c9a675405f75e693f4e7d272af02d490b

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1ff7802101d32be2e98d01638b74db26

SHA1
c55ee1a7ca80822a503edcea232e1ba1030028d7

SHA256
4c69d11bcb86096cbb9876171801682ae7584649ccfdf504f5a75a8c01fc1ee3

SHA512
2108e00cfe8de5386a4bbc3a4eacc21dbf7d7649c594bd8348499d7824fb4b6b4799283534669b353066c07d8846e7a1fd30a2b859a5e986f84ec556b479339a

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
a732b3fc5fd4961552c6dd08235c9e11

SHA1
fb4f74889e0328661a168794f5cdf0727eb89bbb

SHA256
cd4a385b6103b91917440f530096ab118b8547f764c978476ada911a5d6ee25f

SHA512
b74ccd1db4aec7f05043ab0800574205e22b0fa71e1dc628bf0efbe0d44f2305164b910f8e27a916d78deebe1d00c0c5daab49ee75ff06a0c818cc7d7ff37685

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db
Filesize
16KB

MD5
5a120ff2b891ea46395fa81e3ac09738

SHA1
afaf5c32068e5a7499a8802fc6074211af5ddd94

SHA256
d7ae60b836f0e9b12c519a2b0367913aea50dc8c74290ff4bd12daaf9073cc59

SHA512
a67eac812b297b5d3346305e6480303e27e4aade534da790334bb898c447402de17c8af1506662e562733f65e4f7777d60c8d2b25640fed54173194f8b084781

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
76bda54b8d262662847234118d5204c5

SHA1
01b099fe637c4b13c900169ad0310a3733527dae

SHA256
91ff682b5720c2e8e86d058d56e0733d71379347dba2ec93c777056775ad4c5f

SHA512
21d00ab8d2e196130e3760564d4a0e8436b043a16f5daf9361afc758f96936905f2396a22ffa5505a50df52d14d29858ac7d7e35516ff730a83adc6805307502

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
88fa52ac62632900b27f2e71b37470d7

SHA1
dbaa19b01cc2454d24b4d349bee0aa8ca44c6a95

SHA256
ce4f2e6e0cb3d4e32099dacb3a2e3e5105708e8b3f462aa7e8dd6d84cf290628

SHA512
a596b6d5b2db4e67b219af0368e025bb7ef81e9447c5d5c53cb2fcb7078fb10b2eb9aa5ef6be73668a12958b969d76f82fdd075909bb16ddb7b0ed54b1502044

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
38558c3b474c4c61902b246d0044dc2b

SHA1
e527037481c852682aca224b6f81c5c31b7ad2f0

SHA256
950ebb99e3a3a18c738f2d1ecba1fad2af40c3c87e4395181a0809b15f757659

SHA512
2b10880a03afccca8cb803775263a97f7671684ff2542215f13e92014959e317fbba07b9bf2e5fdf7e7b0937f1c81711533ab809e534872758b4cd78c63e1b8a

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
350d85d4085a668fb92f9d5eef4c5e61

SHA1
baba4dffe2cdee5a60161bba7b43689db9e5d16f

SHA256
b9c2e9883a1f44e9e27d4cbacd4d86c6005a9f01e0e141826da5b3a0b6d947bf

SHA512
97d2413ffded49c2246e212360978b02d44d6e60957f050707950b0587963d8b79c934f18fd71609bd00a8f6714e9ec0da69169811b51157baa04977cf4b5149

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
0afdcfd77e77b73bcc23a8dd0ba831d4

SHA1
8addad3fa8dd3eefc9dbc1473cd34b1026100001

SHA256
bff855c8e87c7e1c06c3f06a97dc265b1521172ced95dc529a749389a8311b04

SHA512
b633ece7dfc4ad942d7df2b54b8a9e27f917d48a58b9a7e20d5307294139a2ddf26619e8d8dd0ee3ffdfe34fc8b2b80062db25c6158b973fe0fb04cecc361abd

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
b13e8c44bb9ef5850a729a921f0f4d37

SHA1
b73e00036eb2d185cb9a6dcbf5c5bbb05d124b89

SHA256
9b379970cf27dece15572b629c68db8510d421dada60b8f393f6169a511f348e

SHA512
faedd03bb4cbf5bde246461f8fb8314252a708b5de017bb8846b4d56aafda680c30adcef61deddf1531113defd16254ac1340fb088c2b3733d74549bd29ce14f

Download Submit
/data/data/com.honeygain.make.money/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
6700b74952b164e5449666a5f06a0bba

SHA1
0e2cc50cdfb56114ed6606a87eaef23348612ef8

SHA256
b8765b3ce2b90b3751d8e2747c165cab5225f407324febb4fc830740b20bf47c

SHA512
0c2e17bf9c3b1be56f0a18bcd9b6c86ca0119aa7b8e6ace8b4343c293124149382fd1dfafb6e7d6cfc4f6b9573e69cbc4fcb7758c1d7674245682577a8e3674a

Download Submit
/data/data/com.honeygain.make.money/files/AppEventsLogger.persistedevents
Filesize
511B

MD5
9d26a076380df268a108a9d389a78dc1

SHA1
20a3f29eb76d0236d9064624e59b57aa4e199924

SHA256
bf438a2ab9ceaf75d69e792f69a5f225f0084fdf949f6a17836593d419b9298c

SHA512
f1ba4ecbd74b94e017e946fda4830a5e8f366c4b8a6d5936c11feb147dced14469efdfd1057d8d2f5968b0b6dfb2cb01d100fd08de6f5fe368a484f888c8e634

Download Submit
/data/data/com.honeygain.make.money/files/INSTALLATION
Filesize
36B

MD5
733e252e5deb1dbac44db562ddd80b3d

SHA1
a029a2481dd718c0ba3143e9fc953563536b800d

SHA256
a1c0cadfbdb4d1e52befdfcab73ef197179b1e86a8244f1850220ce68de1da08

SHA512
a4d9b2abbc8e767ac8f896cc9b2d848264aa84807501e19b195179cce93b1b365965c84254f24c453cb8518d63a70047c76892954fe93a1364f93620021b72e1

Download Submit
/data/data/com.honeygain.make.money/files/PersistedInstallation2005231687526714180tmp
Filesize
561B

MD5
b710b0fad833f17e78506a1241b8d8f8

SHA1
916683de937a002edb260676337d2dd22f6ad640

SHA256
fe224411bf4c6332c40413d6a326672bbaa1bc66e9155c2f460398ce735e0541

SHA512
829d112bf95863c9d195ea67bbf8a6de5bb189b9a8cf9f45bddf615a5423a13619b05a5126d2614787f4d3971e5ef921357f09977e05ac91417d116be4b119b5

Download Submit
/data/data/com.honeygain.make.money/files/PersistedInstallation8534877368007636708tmp
Filesize
90B

MD5
afb0fb16cac26ad00b713b318b5134a5

SHA1
291a66141e22addcf205d525a6e7b8949757f495

SHA256
570982cc347c76d6cd0d7bd91e80a6ec6d0654c24f0db138457e11e6e0fb2c2a

SHA512
2cafa1ef1af59e2029ee3660444552cd5636105517f8e4fd523f41888beb726f8cd8b4cf941de1423cbff8241415cc423ca0e5d5bb883a426c701a0697374690

Download Submit
/data/data/com.honeygain.make.money/files/frc_1:866932844520:android:3e2ba4026413c68b_fireperf_fetch.json
Filesize
1KB

MD5
e6609924aabf9bd8510a24b37e26ee31

SHA1
a1650dd61742fb904889533fbc54a0bbbeda8c26

SHA256
2261357862f700405a1f3b95f46ded5f9fd12038b14ba9ab1a0ea142cc752efa

SHA512
cd51a5bbe6578f9429795e2470c632532639bc1d395c65599da26b3dc3b8069c6635dfbfea9ee852057fef7ca0c7216154aa8987cc717a6d7695bc5ab099e0c1

Download Submit
/data/data/com.honeygain.make.money/files/profileInstalled
Filesize
24B

MD5
15d7f698c8fede7edcc6139e60fe2d68

SHA1
2c38d8a25fad5bc5893df94723ac02ada54534f8

SHA256
8c4645c8bd221d396dc61bbc433550388574f5e3ec7b6a71d9a1e7cdeba97be2

SHA512
cefc44db6055fbfe20dbc4be60f728ea7bf12850b796579efc44b2dac7f525a5e2a073192980c729b8b449cba5f53a9cc6285e362cd12dd5e4f1252c1c681652

Download Submit
/data/data/com.honeygain.make.money/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B

MD5
7f8050fb277620d0ed1f93e3963923c5

SHA1
90d4f73ca446229881e4003b8b3898bc906c3d75

SHA256
cb07d52837391bd2b515574ebafe096b049c87d909e269ebdb223dcc403098ce

SHA512
84d1eff4119dc985f7921ce68683f7dd1006cb3b9ce6af3a3bf3d39278be59dcbe3e2a15bf89091235d324fd6e4ae76f3e8946b2fa8d5b1386f7b286f9f3bef9

Download Submit
/data/misc/profiles/cur/0/com.honeygain.make.money/primary.prof
Filesize
2KB

MD5
d3839436c5a031a399d8013498d1d8ca

SHA1
8cc86d288b2fde3fb8865aaf5917ebcabe172e35

SHA256
5cfbe4510533731713977c8db762f3593b8bd9946952337d48dc8bb4e94b93d6

SHA512
43e1fe1f4956389fa4d93133730b4fd3069f3fe52e6cd911d6bb364b518fbb1abaa42efe06ffdbaaaea8dd852529ee35ca6d2f2c7046439dd3e7e22e6d5ffe66

Download Submit
/data/misc/profiles/cur/0/com.honeygain.make.money/primary.prof
Filesize
12KB

MD5
59f9d1e32d04c6c53ebe0335acddcc41

SHA1
92e2e987f968f84f48238fd21ca89770cb6572f1

SHA256
5389d8ddc6ed04d6488dde8cd2dc42157c57750039a711b22dbeeb58a18747ff

SHA512
7a0c38da633a41eea9db2d305c0483bdb6be339926c043df4a296c54f79cf39b056154ced0f15b65b0c3f962c0cb96f65dc30a2ffe01c6a4802f03e959283f34

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads