075dc9852527fa3b451e5a31357d45ff2fb709b741f11ebbecb6107300f91610

Analysis

max time kernel
7s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 12:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SYTV_Orig_v6.17.19_r.apk
Size

13.7MB
MD5

5db36e313296def1c07dc9de55d5c11d
SHA1

bde7954c3ad4969a9840a1300be18fc9a217c5e0
SHA256

075dc9852527fa3b451e5a31357d45ff2fb709b741f11ebbecb6107300f91610
SHA512

350bf44f75e926a4302dc518c584f1efa1b9b7e4db1c26327c81f31401a20eaf5d9b4cbbe8a206e5183128c9e9481fa32942d9419d5dee667c134bd7adc5afab
SSDEEP

393216:VUqFZM6RtEZM4TZABnWMRm1ne6kjA5C4F4hGSt:/ZtiC4ZApWMAVRC4asSt

Score

8^/10

banker discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.liskovsoft.videomanager

ioc process

/system/app/Superuser.apk com.liskovsoft.videomanager
/system/xbin/su com.liskovsoft.videomanager
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.liskovsoft.videomanager

description ioc process

File opened for read /proc/meminfo com.liskovsoft.videomanager
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.liskovsoft.videomanager

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.liskovsoft.videomanager
Checks the presence of a debugger
evasion

ioc	process
/system/app/Superuser.apk	com.liskovsoft.videomanager
/system/xbin/su	com.liskovsoft.videomanager

description	ioc	process
File opened for read	/proc/meminfo	com.liskovsoft.videomanager

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.liskovsoft.videomanager

com.liskovsoft.videomanager
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4284

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595BeginSession.cls_temp
Filesize
77B

MD5
92e0b270180e396a211ff8bc3e72cd35

SHA1
51819ef537c23a9b4dc77451ac6239406415de5a

SHA256
7f82da722f413a1016e040af84482436577f747ecfbc0a41d4e6f4eb9f63cc35

SHA512
6b5c197c5652fd34414a53e17fe31e183bd16ae348507a8e02b8f4118970649b52521c4d5a29c7efb019c90bdec1e070b08ba9eadae9b8bb0f2440867ffbaecc

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595BeginSession.json
Filesize
132B

MD5
eefc043c1600ad23c80731b54aa7f1e5

SHA1
d224076a17e4b6709e7984b8726c1d7e796f1d3e

SHA256
3f2d2fd5f9592bade20cabc5eaa0a513862c0eb16e1c8a12d6f8478f68eaaa91

SHA512
f5e2f9f2cd1c66d1ee4ff629ea0ee71762e934aef454d43f768cf522c72433bb55bff0f0449cad9dde1602a1091b74b9a6cbc09917ece442593be6bc092ad445

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionApp.cls_temp
Filesize
125B

MD5
1b31370dd515a7e70b7c58a82adc4b4c

SHA1
09943e06d8b5bc502f5b8ebc49f49d0311936223

SHA256
e3298867cc4ea59f360d79d6e4fe5ac136147e0a49157aa9ec40d6d99dffbab7

SHA512
52c26b7d487724c0a9890ffad283ce4ad96716b662b8cb3e77e1b8c2f776507eb03048623a1afffc73df27a9a65db3b05bf2a88f95bf8ee3e173defc4ddace02

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionApp.json
Filesize
239B

MD5
73f4627e8d1905523775ec769fe1ab7b

SHA1
2c2053602af5b5c42b95f574a7751734f1b6d26c

SHA256
5984f461236ea4780a8eae79243f9f75232c05fdf2ef9fb90f511d6c86018bd6

SHA512
665f3f9c1897d333b081a13851ced9123cf84da1f341a94cb924315bbc9e87daf82af53bef95173ecc352516e0f8b6548d57cedf0c68bce58b405c1872e5abee

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionDevice.cls_temp
Filesize
48B

MD5
cf9cb0612d588a1f71b63084cea67316

SHA1
3d035bb92fd3f8997160cf8025c40239af74d3ca

SHA256
0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9

SHA512
70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionDevice.json
Filesize
202B

MD5
75db92d50c80a89e068550028c62acec

SHA1
d78ea55f5dc682e4da456d26383249f608fe894f

SHA256
1dfc488309883b61beb3462567a9befeaf36bb475a07a7ecef2be60bedb4b5a2

SHA512
dbb81daa5fab357f087dc295e7861444f945eb4c3883a09926b47312ce526bc069266a8a24b2a5b4921fb13e797696c5824195f0a79317e279ccf7855ca2ee13

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionOS.cls_temp
Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/66508379033B-0001-10BC-8DC9C3C21595SessionOS.json
Filesize
54B

MD5
93023624eb8dff5c20050da136aaae0a

SHA1
acfd1ffed752c28fb135ba83c0c6345ddf2f6995

SHA256
968bcd7c4f1abed89a09cc0e6dadd238a81e8655e64196b39a86be49ceecd39c

SHA512
bb25dfa144d3f0e17203936c503c5fedec5f9ca710e177f99e273010ba4a682199d4bda5684151d65f3cb1549f4611b3a645ce39646d3db9a1b2c17d6b160579

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
947B

MD5
d5d12cc03cdcc64db48ce2dc58ec0b02

SHA1
a43c7d8d1c076a8b8acd07018f6edbd32a4d5cd5

SHA256
c910484c3f0ae131251b82462564a3dc6f09b8fd519e9203806d5995f5adc94b

SHA512
c5062e3373e891fbe24c5d78fda753fc5a1a94dd3eb4a1ab8cacee061c1d663684491a203d1e0c32feddf873030286f491933c95c01b67531ef83c1d8542b649

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
442B

MD5
9a3469b4843b333e546d1deb491c9429

SHA1
1c4f543a7a834aaa246b1f959dbfb35685ec6952

SHA256
13f6acca17510866e3da05c505f83ec4847cabcd22277341b049ebd27727adc2

SHA512
0bb8b559673d1f1373074c5ca7e45e93c29c24b167d00215d56995817604e852c2462f1f81a737c24918c9410c6df8b53cc6505958472d21e00af92b2307d4ce

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_f4e27613-1967-47b4-b8a0-9b03f37ddd62_1716552570223.tap
Filesize
355B

MD5
1dcad34f27a3e1aa8b0d1b8aa5240cd6

SHA1
e68da9eaead10bc4ff0b9222e27b9da9a5a317c8

SHA256
51f51b2f372a3364963216dc88006067bf628822e12383fd7224b4e32a15ec3d

SHA512
5b11659772a545b852c773584f5cd071a2c0d6da0759f8b7cd9d2f93e9e3faa3f60a84c56fbc7473f7bb5190c219665414be8aec69d2bc95aff60717fa95b722

Download Submit