816aa0e670012ff7a9e91fbdd65c56754c32ca54ea1793b9bb6921fc19ad98fc

Analysis

max time kernel
11s
max time network
141s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 02:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vivounionapk_v4.2.4.0_d74cb3a_201808271150_signed_aligned.apk
Size

4.2MB
MD5

3200674229ed57cf762fc3d8c5137b55
SHA1

0896d5f138545dc9ddbf0003518880d745c8fe0e
SHA256

333ee74803ab4b114d6217250623869c751a00f4748c826c19ffcd7b29476195
SHA512

31c96314a2b0d80ef3d6c04c0a6894b6a8ebff7e501fd48499ea0e12969ba4ac00cdd844caf839a16cdcffa5b51ee2f33af36a578dfd450c79c7e2bbc0c521ff
SSDEEP

98304:aQn4W5hESDzkY18DTTcDPPIKGPBhFI+sqFkSOO:aQ4W5hEIkg8DTTcDPPIK+HFknO

Score

7^/10

discovery

Malware Config

Signatures

Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

Process Discovery
T1424

Processes:

com.vivo.sdkplugin

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.vivo.sdkplugin
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.vivo.sdkplugin

com.vivo.sdkplugin
1⤵
- Queries information about running processes on the device
PID:4265

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1424

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-journal
Filesize
512B

MD5
da41123ca200d7dac778141508f2de94

SHA1
8a4d9a1144187290802b45578600aad4f2b25f2c

SHA256
ae75078e74e99075d63b3debdf23634b556333cac6a000451b78d02c97e0381e

SHA512
24ec3a77b0c586bcc362fd47299a51387b3d6e719be63f8461d480a34ab93ca5da3a7586010c834734d1d32e2adb32a066b81138d4fd595fd7962c238406d61a

Download Submit
/data/data/com.vivo.sdkplugin/databases/unionuserinfo.db-wal
Filesize
28KB

MD5
a7286e6d6c3aeaa5e004eff038b6b078

SHA1
8c7483c9083bfcbdb3dcc8e2d78b4dadfdf9fed4

SHA256
0ab13f0e7563c2b50a82264594e3e620f175c1e1bd2b6094009f7b87efc6d8a3

SHA512
e3346f462c81dde758091968b01b22ad1dbeeda1c7937d0a5e7681e29716af6512170c53a0d04818a1ad05ca42258eece7bf8b1bb02c8b3b21cb0bcbd529be69

Download Submit
/data/data/com.vivo.sdkplugin/files/vivo.crash
Filesize
515B

MD5
a002527435407a0ac01670b715f11084

SHA1
674cd8d833d324875ff7f2950a9c39345a1465ce

SHA256
c6b8a45871b5b03fea3c82c43a32bf82f4cc92be54c6fb0ce4300fbd44bb0f29

SHA512
93ddba5c97cb389faad5eeeaa5d9477cad4548606ef7d04b4548611bd4190074504fded17f685bc3656e67100ed0e987921a3d74411be3d5bddc84673d9c4c53

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-journal
Filesize
512B

MD5
5b947b043291c20e2c3d22d359ea629a

SHA1
9188cf105c4c33f2ab1283521913c4a4f0da0e47

SHA256
15e2ab10bfce0db49e4d3864b99c1b12fef78422de055110c158cf927b2c4f94

SHA512
4f9fd4dd4c2a46893b91af073c05ce03934a6864e7205a672d548537fef6536478b599b9ccfaf333173448a2e40769c3d0974cefc26c595b6e3ff5ddad5bc844

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/storage/emulated/0/.vivoAccountsdk/sdkaccountinfo.db-wal
Filesize
28KB

MD5
bbd52bfb995afa62bd4ef36719ab456f

SHA1
4032fc553f05a2d2e4899b3a3807f797e55b710a

SHA256
7ead11f0781f62a9eaf5f9cfe2855f3a0d7b92886d85059a27a71b9c50733790

SHA512
51d6988f7c10de351ce6f48b2ab4146e81a05991102dbfc9e8d9f1b673b28094a8d2a96169049634d725d745d248734d9d16862273a909e8eed0da5331174a14

Download Submit
/storage/emulated/0/.vivocrash/com.vivo.sdkplugin/timestamp
Filesize
82B

MD5
83abef49ae0975e7a5fc34bcf39a1752

SHA1
4c37b316ed212f3c0f3cef1c2a7f29a116165a63

SHA256
d115cb16f6cab304711115476a7f6796471ac8eb3842a849f36b67fa55bf244b

SHA512
c275f4784eb1c1a38a642fc6a9173778401fcf2c1d948d9465b313a3361c1c9f08354bde4b2dba1a2d88aa5c1cca0529487fd15d6541d273586377a53b8d6b66

Download Submit