02bdf2f45ab0c1e3e786c6aaec1fe4382499a8c544c0c3c88b91d3cfb3c93ead

Analysis

max time kernel
9s
max time network
1831s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22-05-2024 19:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ru.zdevs.zarchiver_0.7.2-720_minAPI5(armeabi)(nodpi)_apkmirror.com.apk
Size

3.0MB
MD5

a897c042775a0b6b58e29435ade381b3
SHA1

7f35b1630de42fdc4cc143e8c18dabcdc7926cb2
SHA256

02bdf2f45ab0c1e3e786c6aaec1fe4382499a8c544c0c3c88b91d3cfb3c93ead
SHA512

e76b4889aa56063e8517af3079f916dced1f885e74463f587b960c213bbe662c59f6696a447648f982f05cb8300548f85576b797b431832a0fba546cf6244bf0
SSDEEP

98304:3gqOweO4GKV27tSVvI/Y8Ix08CHGIWf6oRKS8:QqOw2t9ivKd6GzA

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

ru.zdevs.zarchiver

description ioc process

File opened for read /proc/meminfo ru.zdevs.zarchiver
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

ru.zdevs.zarchiver

description ioc process

Framework service call android.app.IActivityManager.registerReceiver ru.zdevs.zarchiver

description	ioc	process
File opened for read	/proc/meminfo	ru.zdevs.zarchiver

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	ru.zdevs.zarchiver

ru.zdevs.zarchiver
1⤵
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4331

ru.zdevs.zarchiver:Service
1⤵
PID:4365

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads