f3f4d70049d3157bff485b929076defed0efa6e607afcd02306845b831e1171e

Analysis

max time kernel
48s
max time network
152s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23-05-2024 12:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

op_abs_smk_1_1.0.apk
Size

131KB
MD5

5b14debb0c303ce6fef227d3c3f1d8e2
SHA1

c7652b8dfbb187e54438e9381af5118e0df5f7cf
SHA256

f3f4d70049d3157bff485b929076defed0efa6e607afcd02306845b831e1171e
SHA512

d46a85a937360b796936a95a839d9bff9972a54ec1aa1285620eb612ba8d2103bc608cd80cea033d269072324d7cd8b13cae69465895dda135d1309d54fbc4c7
SSDEEP

3072:NvoY5iq/p6rmNdaZjPvqoMj/73hBi0kjfFcXIiPT:1oGD/qmXsjhM540Kf5i7

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.smkdipo2rawalo.opabs

description ioc process

File opened for read /proc/cpuinfo com.smkdipo2rawalo.opabs
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.smkdipo2rawalo.opabs

description ioc process

File opened for read /proc/meminfo com.smkdipo2rawalo.opabs
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.smkdipo2rawalo.opabs

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.smkdipo2rawalo.opabs
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.smkdipo2rawalo.opabs

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.smkdipo2rawalo.opabs

description	ioc	process
File opened for read	/proc/cpuinfo	com.smkdipo2rawalo.opabs

description	ioc	process
File opened for read	/proc/meminfo	com.smkdipo2rawalo.opabs

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.smkdipo2rawalo.opabs

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.smkdipo2rawalo.opabs

com.smkdipo2rawalo.opabs
1⤵
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4232

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads