5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b

Analysis

max time kernel
173s
max time network
195s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
23-05-2024 01:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b.apk
Size

17.0MB
MD5

c53693d288c5f5891d2a51290834d56a
SHA1

a86ca601046258565d0e26bcf5c57a781b208be0
SHA256

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b
SHA512

8bc659d6b1f00460c2d243a7403d23dab5f777d22c63915b9cc1a9d817e67e71028c58b53eec8fc0f8a25843f5bab4c0e8b43a172b8ca5ebfcb5a44ba253b80e
SSDEEP

393216:IveEHRFEKvZeGb1pJXYXpNp45O78QUFw5N:m9vEKv4U1pJXgPr2i5N

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/cpuinfo com.houdatv.app
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.houdatv.app

description ioc process

File opened for read /proc/meminfo com.houdatv.app
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.houdatv.app

ioc pid process

/product/framework/com.google.android.maps.jar 5245 com.houdatv.app
/product/framework/com.google.android.maps.jar 5245 com.houdatv.app
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.houdatv.app

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.houdatv.app
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.houdatv.app

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.houdatv.app
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.houdatv.app

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.houdatv.app
Acquires the wake lock 1 IoCs

Processes:

com.houdatv.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.houdatv.app
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.houdatv.app

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.houdatv.app

description	ioc	process
File opened for read	/proc/cpuinfo	com.houdatv.app

description	ioc	process
File opened for read	/proc/meminfo	com.houdatv.app

ioc	pid	process
/product/framework/com.google.android.maps.jar	5245	com.houdatv.app
/product/framework/com.google.android.maps.jar	5245	com.houdatv.app

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.houdatv.app

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.houdatv.app

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.houdatv.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.houdatv.app

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.houdatv.app

com.houdatv.app
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5245

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
77d63680f977f52aa8272221e595a02c

SHA1
c1f54f8cb663563ba99bd8df1a70c03424bb1070

SHA256
aaa888a8f4365d2bca8fe7664f2f1e21a3b545ddeef0b7eef67a7a8d3f795858

SHA512
2d619e67d44044317eed77ff963316cc64adaa9e0ef50e4bd381e7488c40bff0afef2df6c7f9cf3f88d7f005963c18f75eee24a246b913a8ad2559465c90604c

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
813262304b2bb7bd7d6b3c223d0b7273

SHA1
2418172cdab6d8c7c96dad2dd534679453884e22

SHA256
31559246783d59b3bba69e9e7fb5cfa69bd775d0cbbb3120facb928e575e5f39

SHA512
baa0d885aa6f0bdf4900c4d7132ff13e17461cdae2f1cea7b6275c54aa969193239e1c917d0783e659d3354348b672d4b256a346418050e1b5de964db2efcb66

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1470eb0b611e78734a71438d7dc1412a

SHA1
08dd4fc0f46e837b70d1e0b6ba93cd20babac722

SHA256
377cf66d7392dc7b988762a20c8b06e9846cf177128756e24b2e29beed8f17b2

SHA512
60247731bf4f336c1c52c090be47680eda50f510d5441e6eadad80155081b37bf445d80e5aaf6ed58a0725558ce1d797178151a38682c29e3b69efe1e799ccf7

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
805fb988c01ce5889f18894bb7f39088

SHA1
d03f15dce19c051e0e2aeaa77ea839dd43e076f4

SHA256
4cf7dae32a1930d2d98378b264709f97d077f4687c672441f1a591da55b2d09d

SHA512
219c15d57ab15d923909cd699444a5e8bc2af912aa79afe363e30bbd5f123cdc27271279034f60841e53368d6d80bf7c8f212366d63232718b65b9df18d5afd3

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
b4c59234a08136df65bf497ba1692921

SHA1
560f87b1c906e4a13cc60661d6e0554b51cebe6a

SHA256
be34d3e03eadb6a499cdb77f3e40edca3da5938b5baddc50a259cf1e0829b714

SHA512
bd8ab4e7a84326a193fa3fa73d197f6f94449618804c9db522ee36094322d06e268792772eb4c84c00b3bbe1b6bb2e8f00dcdcc594011a52dc849b8bca81d428

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
3d515c114eebce77ae5dd4b22c170580

SHA1
677baa09f3cb61a5c0b93d39c20a83439b2a5be1

SHA256
a56dab51f494efe369b66ee505c375ae820a3edef2a1a5149a52b677cb4bfdec

SHA512
3bd83b07a984462f859a658a5b24af160557769189ea3e43a6435e2eac3bcaa88fba351a655eb3bebbdbca3284ac97ca57d09147b953fed78d04e8a7df5971b2

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
e10de24353cb5d0600acd6ec64674c2b

SHA1
e35c2ba9521b178c325e515ce48f9bd92f604f10

SHA256
eeadbb8b2b2315c9b093f2044ea6acab6906d1bb4385ed08c8e1d88e71090054

SHA512
32d766f2737d75a0c7b66d20092a606f5853da18b147da86c3761248c721135eb17ea01f36a8cd47042187d1016ff46f69de92500bad79983462feae04fc02f0

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
4KB

MD5
312771385f9e49ec8a72608b4ad0c90b

SHA1
395234c94c3af70a5c845ad48c29f0b42361c026

SHA256
497a4e74f658f0fcbd63006e34b555a8f8c28cbc2d8fa19167ad349bcc379542

SHA512
1399db85b4c8fafad7627ef4ae13baf2ceed4b719f9a23fc3eda2ee0fa65018b4226bdcfd2286496d0ba2c4a6dd87f5b0f32de7c28487c963829edb0f3d1bb30

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
5c1f93c326e0b36835861b8b2d6ffec6

SHA1
df8fd452b38802ffa21a5a905c34bdba0a95f178

SHA256
377114c4ded9e5dd8ed30ec707669a8b391014abf6cdb22bb00ca6839b3f6761

SHA512
93f64d8350e5b434b4b2e8d4cc5fe37f9f9756ba7139a94a23c3f94e82db7c5aadcac2141465e768ad9a82d82180d8e1afaa20c9d2a24361e6939b3e2551949b

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
1b36dc4bf4a82d6b36b09b9433332f9d

SHA1
e7bd9a215e5971f33bf0b28b406b27d5320c3e3c

SHA256
f583f57a421eeb3c3ac7b60dc1197706f6cb40b18f5eac1b4b07edfc328e61a4

SHA512
ff78ace4d42bfaef4bb1a62d2a0dcc13464248342215c808a87b08e741abaa532349791d9f0b2f1ef07ce6a8933298a9310df111512118df1074fb7cf0691cf5

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal
Filesize
8KB

MD5
19530a4b3539524eff3fc422de698371

SHA1
7c5a9648edd89b18a1762c896fafe6e5ed79480d

SHA256
c6f29ceb72b4ef2bb65db4a105cdee6a378ff2e29f5b11b0fc63e26614fc2bb1

SHA512
f58098fa78adccbdf28e26e1c3d2e9d4d6b7c78f6cc8f2c83744989f3646bbe404a566c6a2e0c5dab9373163cc7ddf0913c2ed01f3862777af02b45fc3c76a6b

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation1766822582454971229tmp
Filesize
562B

MD5
aefbf18e8ddaa64fd4ed48991cff238c

SHA1
f6eccb7f480a47fe6681fc919e8e9f86909bd838

SHA256
be800020ed59b58b9c21f9468679a141b320c5f20232ae7dc9705fa678361dbf

SHA512
cdc00098db99544298a79c5eebc41d11d97354b916190a5065380defbd672fa86595fa5a9f1343172e3678c32c29dadd31df2d21a9e86558b9a97edd836f6ef0

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation3779380433518286654tmp
Filesize
79B

MD5
70f7fa9026f60e26b1a7015fa8193b1a

SHA1
197355030f36bdc8b16c238b18fa6ebbac735c76

SHA256
c80776bc821fcf808037a5708c252cb7070289364050e63be2441aa9a7a82fd2

SHA512
49ce726b566a4d1b4256a9b9f7963a69ec974d53c46323c65584032c952f30918fc3df0fd7fb35198213e2be4b3b6f9b11f55b116b9ca7a8c90b3d2574279b64

Download Submit
/data/data/com.houdatv.app/files/font
Filesize
149KB

MD5
62027b7aa5859e5ecdf9a09a5ee7cdac

SHA1
91e36b6ef56ff61b29ddc8ff9a57ee1b0cb84cd2

SHA256
33413ebb0ff003b260a3ed3f9c6c327c0ca5f15b89a04fea1dfc73ce8e306952

SHA512
e8a09e9fb32db04a5a3b58bd47f8eafefa5e0dfb1cf9289f6bc0fe543337b13676f5700dcfb86fe277fba4179fc2febb34825b471c735ab357330eee8d642731

Download Submit
/data/data/com.houdatv.app/files/ico_share
Filesize
1KB

MD5
9769e88e084bee48eac8c479b429a556

SHA1
8bd33f69407f65bdc02453562a356bb51f581f56

SHA256
003772e5bb3502eaad74c39dcc197ab9009d9c0f0b679487b83b8c55eacf2332

SHA512
d8164f54fbadfa95d785519c622cdf5d9affac22eff67acc352dcf00266bd5407e9e2fea01d158d59a1e71744a0b28609d75763489f7b4a13fd54a09f489ebb5

Download Submit
/data/data/com.houdatv.app/files/splash
Filesize
99B

MD5
3be54e276c1ac41c4a0618f1df4e4ad4

SHA1
ba0c04e100e92a18a9d31c1da59d77e861d6055c

SHA256
be5d3cf6c8cddef930d412bc15d8af24ba654ca0961d6659b57ca7554866326e

SHA512
e1cf440871316ae3aa76e06821f49b06cc2429f4493317ba812a1cc52a335dbc7452815235cb5c625158c44dfccc5ce74de0543be7c6edac1a4bfc372639e30a

Download Submit
/data/data/com.houdatv.app/files/vinebre_ac.txt
Filesize
19B

MD5
1f0701267a3e69dcd7dee13a4c3c7263

SHA1
86f0a4f33932b1d2e6eeb467e55fe2e3564b2250

SHA256
55cff20d1f0a2074cfe9b2fe79ee094c3b6103a0841cb76837fd69f10e6eb236

SHA512
3e4dad03f475d2a54ff30a0dd6c0ff479a2c64f8cf21d9f935ce91a0995af5af184e00662cc51152bb23b596f26bb2a08a938191630f8b1e0d347255278c114f

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
e4b450eec2a4606c42e0b92ddb0939ab

SHA1
7137d6fc4f10440eda55387eee4961d2b4bc7c9c

SHA256
8d7066f86f523dfcd0baa05ca98ec9edde506dcebd3f22b3bebc358440786180

SHA512
edcb980a898258a934c56cf33a917f8c2e3f56e53fe5e9bdf664f327e01962d930e1a469da2d13bfffe5f211eb211dcbd8294eb990cbcc1fccc7c8e29ec22609

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
0577ddbe16fe4bd2063debbc5b9e2f02

SHA1
6748a4ce79e21481411e241d5ac9686c1bf98e27

SHA256
bcac48bbabed6753f764ebeaf9edcc6241074afdefbd0b18654522a20e60f0d7

SHA512
36e65d440fa56a1a9ef947d65cb57cff3b8b1c94942344a9ab9d293850bb5eeafe49b98a6672ffd0abd8d8015ffef7cd8e51d73283e35cab529893af33e058c2

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
6e2f2ce8f6b8c4cb2519ef3b350327e5

SHA1
b6535b398e28ea23033ba0d9c9a72eab6a16a420

SHA256
4053ceea84528b0aa373cdfb3bb31874ac60f609062bb5ecea29cc866b263d3c

SHA512
b033366b00e38f3a10f80c011c7ba513f201d1d91faf0db4c81f465a1fac063eea23cd43765e2909bc1363de1411365b40fef2bb17686742a07d167fda26802c

Download Submit
/data/data/com.houdatv.app/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
e41339563a47d72303ae7301e3b72ff6

SHA1
5aa2f26bb6d8f18a7bade0f339cc3354daee6c80

SHA256
60575d0eb827489104487a58b7c820b7e7655f052a52bbe80d60facd25ce9fd1

SHA512
dedc52ef4ad910ec88316de10604c1ff6e2ee6d6a0191a87036256834851128d0f1187185ce19af5a535b5d827646443441effe6b87a5a62db20cac44f211064

Download Submit
/product/framework/com.google.android.maps.jar
Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads