075dc9852527fa3b451e5a31357d45ff2fb709b741f11ebbecb6107300f91610

Analysis

max time kernel
7s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
24-05-2024 12:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SYTV_Orig_v6.17.19_r.apk
Size

13.7MB
MD5

5db36e313296def1c07dc9de55d5c11d
SHA1

bde7954c3ad4969a9840a1300be18fc9a217c5e0
SHA256

075dc9852527fa3b451e5a31357d45ff2fb709b741f11ebbecb6107300f91610
SHA512

350bf44f75e926a4302dc518c584f1efa1b9b7e4db1c26327c81f31401a20eaf5d9b4cbbe8a206e5183128c9e9481fa32942d9419d5dee667c134bd7adc5afab
SSDEEP

393216:VUqFZM6RtEZM4TZABnWMRm1ne6kjA5C4F4hGSt:/ZtiC4ZApWMAVRC4asSt

Score

8^/10

banker discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

System Information Discovery
T1426

Processes:

com.liskovsoft.videomanager

ioc process

/system/app/Superuser.apk com.liskovsoft.videomanager
/system/xbin/su com.liskovsoft.videomanager
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.liskovsoft.videomanager

description ioc process

File opened for read /proc/meminfo com.liskovsoft.videomanager
Checks the presence of a debugger
evasion

ioc	process
/system/app/Superuser.apk	com.liskovsoft.videomanager
/system/xbin/su	com.liskovsoft.videomanager

description	ioc	process
File opened for read	/proc/meminfo	com.liskovsoft.videomanager

com.liskovsoft.videomanager
1⤵
- Checks if the Android device is rooted.
- Checks memory information
PID:4626

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0BeginSession.cls_temp
Filesize
77B

MD5
03867cd2c3a811a46a2fc1190d7f9a31

SHA1
348b0e2df293cd0c4b59ffbeaab412ff074893a7

SHA256
1371e41ae088c268036391e3059b0bea651e160f50c7db4e73a4f926fd6de37a

SHA512
82512b9dd74b346f1af3f53a2bbf1198f9ba81e9e35bdc4b0b4a456f18c2f3710d2b055114eddc661245c31c2099eb55dbfc1b069b7d915e9a4e8bf799399d39

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0BeginSession.json
Filesize
132B

MD5
906c4c3ca5695bfcd4f3d70b926d9f6a

SHA1
8508c231d8cd84a9dbc225cc4d0799077734d84e

SHA256
c0391c6c706ec569ee51e80c6a3c86f4a7b062cbcf0824e87df443881129b71e

SHA512
ceb7e5be68153a292dc2ac2d1e8d31aae8e619565a6008616a66e788bd3d1a00d9a890fd8ab12c426cc4b5b9521568854d974e32d0ecb3952bf0b0e7b7fdd585

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionApp.cls_temp
Filesize
125B

MD5
e783f2d35693bb9ce501f3b8c7caa034

SHA1
bcebbf8193dc465bb7ae9ce38126a57e355379ca

SHA256
6fbf5a30be11c5a2c1ec0eeb452fed77909e61f3e1ccac2d6afe6d69495e9b40

SHA512
86e8257b15b662dc8a497945ca89eeda74a3081d8b34efa622dba961cf5245c81ff985fb4b6a1b481349ca321b971d1d172efcab76318721aafe71aabbf50d96

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionApp.json
Filesize
239B

MD5
60c7db206648bc76d05021d61e2aa8b9

SHA1
aa3f855e0486eb8617b8ccd2f5a311cf5eb52fc8

SHA256
a217ab469254338cf964aeeb8c6c33bd1d5cf9a77c7299b9400655a852aa1818

SHA512
ebc66ebed16a232ae6550bb9f405c1e0bc7d8ec42f7352007a194599fcb7e65353d0b20c1bf7c4b0e15e0dabb00b0df8cd79276e5f2a7dc7b993f7ba2ff35ebd

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionDevice.cls_temp
Filesize
48B

MD5
fd6372364a5c5c9cf8945ac3ea7a5d94

SHA1
3c798cab71f6ae7a81e71e58712368231230588a

SHA256
7400bf714ca32b64dd89440c9d5ace4e0115ddce44d169839e465df0e1638641

SHA512
a18b18d061dfd979bce1e0b769009668c322300e7174f51d2532e86dc6018769194507a106dd30b97317f8c1a7539d13a7baeab2900c1e00da7c74e899dab276

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionDevice.json
Filesize
202B

MD5
eeeb942571fa704cf8ae49731fbe9789

SHA1
b5989c4cb932ffc779ee25bb3f7bfb79cf720427

SHA256
78809f7ae96de01e3922b6d3a134c3f7e9a0cbdacef313f70e8d9345bf5fbd71

SHA512
71e55c16f9f8fc936f8607448916bbfa1ba233b7120b8676fe11552916ac4dd3e3a7b0f9c31e14048933c8bb9c9d6d630ab7d28389f31749640cc965b2636565

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionOS.cls_temp
Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6650830500E9-0001-1212-28D951FCD4D0SessionOS.json
Filesize
55B

MD5
fc1dcee4e422d77e7fab7c08c8a41344

SHA1
d5340127e9d5f735b9d33b9dc61c772fb0e2dc15

SHA256
b843f05ed78cd137c272ba7f0ce8ede3aa853098a856863e51d5c223b58f21c7

SHA512
3ec07617e3e1008572f6f2528de9d4b827050cc5a7cf19a1604c961f9ec370ede6f5fd83bfcc252c0ee286fe244ee6734046ef1aa638dcfc689cd4407a6a8f61

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
949B

MD5
d19ebe50176d87f7ee0a526b7ac0d133

SHA1
5f59819d000ecc67ea714a4c0bd4cdd2659392b2

SHA256
466c51aa9ca61c482f60624929819725a5bf61fdd8566e3bdad23957ab829dc6

SHA512
9f6badc3ed0270c087390eb966a90e6a10e1c87355ac0f2c57b4c6a9128775797cabeea69fdd5fb51b60b19180476dea5cb6a77e43a2a351efc474ec17375e18

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize
443B

MD5
b92d057cedebc28a8765897bdc2fa73e

SHA1
e495ea27e3648153d96b161ecf943366188060e9

SHA256
92716bfe287f942b38f3eecba414927d753cdc5cbce1e710c3122da025caa1ea

SHA512
b90723dee1e8ca54f08192b40282f0d12ea43f2f40d0034fd70fcf30fd5bbdf0bdefa560e2b9399d75c5e7ba102d78a7b44afc8faab7b259233768fe79aa4a72

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.liskovsoft.videomanager/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_26f65c6d-9748-47fc-b207-200c6cb0ffa9_1716552454324.tap
Filesize
356B

MD5
704309d74a3a7073e6d9e3a81093badd

SHA1
a043fd9b30eb37b25d3ef202234461af301e5367

SHA256
0d6feec841faffcd7562b549db2b3c9e4125365e9d280ad26528154255942d99

SHA512
469c7bdbebea44471ba31435a7ab5a0b516f95221dd184c94b7a27fc0d0337a4b4c74fc753451b8e0789beabde41b88518ef17b259451896f626d9ba658eb73b

Download Submit