Analysis
-
max time kernel
48s -
max time network
139s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
23-05-2024 12:16
General
-
Target
cradio.apk
-
Size
7.5MB
-
MD5
300582ae9c490effd46cb0da9d995ab8
-
SHA1
259cb0ece0f8c802c952d533bca6095a80cfbf52
-
SHA256
6a9227ed6976652f6815fa0237398393fd65e92ce38e0a8fbf9623aa8d98c4b6
-
SHA512
ed267d92f4a2e712e59750d83dc9884b1f9e313875458e13e6500cc0d500d151ab138b1234a39cbcf34cccad7323e6c51eb2af4799c1e6853615c8ffb77bd97e
-
SSDEEP
196608:J0aoSwgcCitBmIPEKBrkrcVxZfc5hwjsnkOzTHvzjm7:inGueHzAVxtcD2yTHva
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.gongjin.cradio1⤵
- Checks CPU information
- Checks memory information
- Makes use of the framework's foreground persistence service
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.gongjin.cradio/cache/1681310438574.jarFilesize
11KB
MD59be9b2aaedfbd00175da4ca9aee3292d
SHA1df4c68fe6432be3dc72f0ba4cf2b9f74c7423904
SHA2561d2c79f353a9a99d45110c1e8a86a160bf086d58662027912bdc7d1ff4776a06
SHA51267a5e085a9768aedd875bf133da6cde6ed320dece17437cf36f9d032cd96887fd3d78c5590ddf39a148835bac5d95447678c0fffa15919fedb7920eef447f164
-
/data/data/com.gongjin.cradio/files/data/0.txtFilesize
157B
MD5a470ae1420698ca211b89847459d240f
SHA19d56bda0200491639ee52921643e4edb2b2316cf
SHA256baede5ddb57b6eed38fabdd31cc932a59dd313bb8ad32fbe79e181715142c5cd
SHA512dc646382909cf137653a278995c9ec0fafe5bef9426abaef3375fd825bade777ae8af209292d2048a7515ccbf5e0ff0bb61b4b0abf2b184d6972f7872a0b79fb
-
/data/data/com.gongjin.cradio/files/data/11.txtFilesize
783B
MD5aceba982aee7fa31bca83a0e6c41843e
SHA11008251d8ba59b8310a86cf49bd6fdf73beae1c8
SHA25638d1e4b78b9ae08ef1e25132699d84beaa45d17e9da4a75da1feaf2673940ca1
SHA512d25dbb7ae80c6000371c9e9da1bbb61066b7b0dd2a08b5362d0100081a4a4de8c3187e3aa71300a30a2f2625c85643bbf8995b8cead15285653c9370a250b569
-
/data/data/com.gongjin.cradio/files/data/12.txtFilesize
19KB
MD577a87a07e79570809a0e62d62a704de8
SHA1e6082bb7ea6ac7374c0bd9c29556a4a06fa71e64
SHA256da85267a2380b4be91d8eee97c71ae4d17dd9ed89600d85dcdc1f661ae4b22ea
SHA512c21a7c705f33bd8739d15b399dee2839ca0ad52cd0548b3088c82d30d6acde16778ba485704f434446461a3f93ea7aab15cf14bf3689dd66f1291e3373ab2018
-
/data/data/com.gongjin.cradio/files/data/13.txtFilesize
9KB
MD5450ea7dbd1130f4b194ce9ad08ee3f0f
SHA121b4c9a1ba8084575b331f1782169242f5abc129
SHA25697d962e29fae03dfc8d8b1d5e098b7b734a57b21715f4c33d25d775608d79102
SHA51215494212ebab2e31a8b012e9b96c89dec89543950251effbf85c632259adf127b5339f48f8cb2f9e8985ec3af30de557ba06670d08f3896c7517e9c501f4100b
-
/data/data/com.gongjin.cradio/files/data/14.txtFilesize
4KB
MD570e7bd483e23ef8f5d0eb26755b37401
SHA17851a99d5c7603e4f8cb5c14970aaf0be5a8100c
SHA25653b2a7b912cb916978ca51869e45182e9eb591cd60c203ebbec6227d00b4d145
SHA512a1044b054d4589d84edc90b70fd394db340033291a6f94efcae6ddfbb3bf888d10380995286dd65c18b0648a43bddeb09f20c88fef8d661f1b4021ea57b181b2
-
/data/data/com.gongjin.cradio/files/data/15.txtFilesize
33KB
MD598ca2789e359f49f9a9dd7587a6b960f
SHA1f02f5489dcd212356d475c809a0cc36e63850937
SHA256a6105a96a30c33f3f5c98df9887586034076a218a0c3c110b5ecc84f393c541e
SHA512d4715df9e0df5a748c6aa47900ef31b49949194ba43adee6adf815860f3607599d95ac9f02633630fa01274208ac0c4df1152ac48c55392ef59d481133aae0c8
-
/data/data/com.gongjin.cradio/files/data/data.datFilesize
130KB
MD57bb1671a99a52db768d6b20bc637dd93
SHA1fcc2ddf499b846a4d9ceb7c1e2b65a6c2f5695b9
SHA25654e3d476de10f0ba5c96cb0bfeabd6cbdc2ac4525a7a26734ba4a239687245c2
SHA51208b8d2291e7b5552687eb62d660da8e4910914ad5311ce9cc6d0f6619c6bec660c7597bd2646a6adedc77345cdf30d2018d7dfd6dae64232a8f2d22f21afd94f
-
/data/data/com.gongjin.cradio/files/data/data.idxFilesize
19KB
MD572348f904acd8b148c1007198d578245
SHA11481cafc37d22d567beffc31f5e6a20eedeafe2c
SHA256725b257457b8dc6bc66110565086d49332ff05c41b772f2cc6f120596e6ab0ae
SHA512d7e751c1e9b04208f1cfadadd715606cfe18864fc53c5ea79ea71000a9d818b3ee8d1bdbdb12f7c26efc1c0693fde9a257859205ee96f4845a197e5b430edb3b
-
/data/data/com.gongjin.cradio/files/data/data.tmpFilesize
81KB
MD582d10cb8e6f83df378d03bc1531c38f5
SHA1907828f51ce713f3b4876626dcc52b24bb62afaa
SHA2567a0296e3a87375cc12c013c90842b5c161c15747a040261e26f1bda69c5c0d10
SHA512791d3590dbe20fdc4d9ccc96a94e6a64f67fd24d812982224bd92641b322c69966740ea9bcb3053b3b02c63b44c14385ff89a9755eb56cd75f9720a6c08baec0
-
/data/data/com.gongjin.cradio/files/data/update.datFilesize
642B
MD5dee88e78b33dc90a0ac14e7935aec583
SHA16304ccd6b911414cab1379c651e451a854031406
SHA25622b0d7326e2c5151814082428d68f29b29eae6420e8e65d255e4fa5d0d39fabc
SHA51286758bec4fb047f1e6c80dc87e7776b072cb516b9a80dc39cc6f8dab1fd5db52032bf5e91e3d5013a83da242f8d81b765c63cb9bfd9125098c082e7289c5be3c
-
/data/data/com.gongjin.cradio/no_backup/androidx.work.workdbFilesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
/data/data/com.gongjin.cradio/no_backup/androidx.work.workdb-journalFilesize
512B
MD55ddd2aca5ad0efc9bb78d4b23bafcff6
SHA126bb8d3043373b190307eac508c2de76d78b4ec4
SHA2565d9d448eb94a928b1aaa51b8eb33cc4decd69ad0c4370824dd88692a54f454f2
SHA512d423e9f4e3a9a688cc6b9b1c583ac460bdca255840f9f92fb84a13af59532ed74962866c12a52bb7954f5695f84c71c2e4dfc30afbb83af8a5c852b56d843790
-
/data/data/com.gongjin.cradio/no_backup/androidx.work.workdb-shmFilesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
/data/data/com.gongjin.cradio/no_backup/androidx.work.workdb-walFilesize
16KB
MD5a319bca1014c78e8b3ed8884224b5ae4
SHA15fdf1b6983c40406a01e35cdd87f16d5e8cf44eb
SHA2566bd8b4f1f5ed90a75225ccc620c8ff11defe41061473989f6a38b8b19ca1d15a
SHA5129eb47480942d71ab501f9c9aadcf1313b1c86b630a2aff24e02042bf7ff9912c7074c1ff513ec05675a6d8ffdadd1a42c30624f94d695a2247fbc48281d08e63
-
/data/data/com.gongjin.cradio/no_backup/androidx.work.workdb-walFilesize
108KB
MD53683890f39dabcc8c29565ca5630e762
SHA19fe0257b10a132d4931798cf6f5bb64dc85d294a
SHA2568fdd1ada3cbbb7f32d282a1b3e753ec1258969bc130ca99b02a78f84aac34f32
SHA5129883f1e3512e45c0f4e13f1b9a52b77aa495932d0bdc65629a05d51dcbd7155c6c3d8453f47b6f5d33b72b3faf8fdb69c3028cab29f33acf67fa0f570de14615