e18cb4c0831a53eb38aaa0e5a70ba81f343a836f19cfe21a721068f80f467751

Analysis

max time kernel
179s
max time network
143s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
23/05/2024, 12:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

V7.6.6_ActualizacionVersion.apk
Size

5.6MB
MD5

a1c72e84a40e17c78288a7c71369530d
SHA1

4424328d8d9b2fe44e1d7db80db4ba2e42163b3b
SHA256

e18cb4c0831a53eb38aaa0e5a70ba81f343a836f19cfe21a721068f80f467751
SHA512

a9d8a3782dd31723ec745f2df360c4736d4de97f3f05e220dc015bdd45e88998e3951a3ba591d80801569271aff900175dfdcdc15738fbf53248ecd1e42f65fc
SSDEEP

98304:L1gKu7Qlu1m6DJ9/neYZT21iyfDUAkAejYbyt4b1mSyS9/xOTx:SKueqzjZTAYAkAe8byt4bX/xO1

Score

7^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.fanasa.fnapp

com.fanasa.fnapp
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5109

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.fanasa.fnapp/databases/dbfnver20210309.db

Filesize
292KB

MD5
386082a97bfb355842a0f571b27ac343

SHA1
b052c02dc75376286e4352b2e9a4d3d5085af836

SHA256
a801ec90c753a978b93e04d901f97dfab372297a6d525c0c33a0575021ec7564

SHA512
80a3527e015c266f9d9988caff4d466b2fda0dbcb5f8b5686816cf4ce5a22792b0f97f568fa9d167c5a3cd064d680e6f10e35a4f56c3a7f2ee3c7baae1fb9570

Download Submit
/data/data/com.fanasa.fnapp/databases/dbfnver20210309.db-journal

Filesize
512B

MD5
61368c08d5ea33eee906c0e768596b9e

SHA1
96fc86ee9fb916ad90e4b96debfa1c086a175ce3

SHA256
d1201d34e021c5bd7782b3a73b0fdeb06a41791a7282a937fc0c087060e01f4b

SHA512
66fa4d3bcbd6db92a92a467242721998e373c05977378fa85fa93b0b1b025123a8b454d7b1f3b5e8bb7b5d4d131f437189fe7d2a5a85d66b59a228cc431c25a6

Download Submit
/data/data/com.fanasa.fnapp/databases/dbfnver20210309.db-journal

Filesize
8KB

MD5
f44b7d5fa9add6170d04ff3d148250db

SHA1
1729ab763b6a8ff1bed1473bfd7109e5fb5299ab

SHA256
ff5ff813464978a2715766b3611513ea0d65876609eb3ae1f45b2d97153ddfd9

SHA512
c0f8cc56d1ba39ff41e1bad55e2f87f491a49bb7d6fb0f6359799b4de8267c51a7b3049297d923628a2d3e6c4e99db2b26ae70ee6b2a2e316694668e75c1b2cd

Download Submit
/data/data/com.fanasa.fnapp/databases/dbfnver20210309.db-journal

Filesize
8KB

MD5
614ad5a65cc2fda4573aaaa801bc004b

SHA1
196ba79bbe303f1446b226b46d0705dad499e7f1

SHA256
5c201240c06d9d6a8ac3d9c924a7d1cab014bf742dcf547ef189c814e5339ce2

SHA512
487b4ecc30de2136899752935debfc36d09a58298defb36bda8a79df86869f1970b51c1737a5dad8c7df20f461571f7fb5ca264750f4b4d0df86e32150360cfa

Download Submit
/data/data/com.fanasa.fnapp/databases/dbfnver20210309.db-journal

Filesize
8KB

MD5
0b2298c0bf93226162ef6475cbc5f6d1

SHA1
44e338340220f2a6c02ab4b407802be294999ac5

SHA256
7c1324deff92664fb2740e43e56094624bc59e4d6580f30792ac0122e04b051e

SHA512
93656e65764c6a7b855531c70c280924b56a464255fdb1c22ec6dc547569d2b02a6f488008b514bfcf24c8165da617c37a30c9be0e17b80dbbcf0775b72da646

Download Submit