Analysis
max time kernel: 7s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 24-05-2024 12:03
Static task: static1
Behavioral task: behavioral1
Sample: SYTV_Orig_v6.17.19_r.apk
Resource: android-x86-arm-20240514-en
General
Target: SYTV_Orig_v6.17.19_r.apk
Size: 13.7MB
MD5: 5db36e313296def1c07dc9de55d5c11d
SHA1: bde7954c3ad4969a9840a1300be18fc9a217c5e0
SHA256: 075dc9852527fa3b451e5a31357d45ff2fb709b741f11ebbecb6107300f91610
SHA512: 350bf44f75e926a4302dc518c584f1efa1b9b7e4db1c26327c81f31401a20eaf5d9b4cbbe8a206e5183128c9e9481fa32942d9419d5dee667c134bd7adc5afab
SSDEEP: 393216:VUqFZM6RtEZM4TZABnWMRm1ne6kjA5C4F4hGSt:/ZtiC4ZApWMAVRC4asSt
Malware Config
Signatures
Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes: com.liskovsoft.videomanager
  ioc                          process
  /system/app/Superuser.apk    com.liskovsoft.videomanager
  /system/xbin/su              com.liskovsoft.videomanager

Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps). 1 TTPs

Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates if the system is an emulator.
Processes: com.liskovsoft.videomanager
  description             ioc              process
  File opened for read    /proc/meminfo    com.liskovsoft.videomanager

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.liskovsoft.videomanager
  description               ioc                                              process
  Framework service call    android.app.IActivityManager.registerReceiver    com.liskovsoft.videomanager

Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595BeginSession.cls_temp
Filesize: 77B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595BeginSession.json
Filesize: 132B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionApp.cls_temp
Filesize: 125B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionApp.json
Filesize: 239B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionDevice.cls_temp
Filesize: 48B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionDevice.json
Filesize: 202B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionOS.cls_temp
Filesize: 14B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionOS.json
Filesize: 54B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 947B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 442B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize: 16B
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_f4e27613-1967-47b4-b8a0-9b03f37ddd62_1716552570223.tap
Filesize: 355B