Overview

overview

10

Static

static

10

dad371ac05...1e.apk

android-9-x86

7

Analysis

  • max time kernel
    31s
  • max time network
    146s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    24-05-2024 12:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dad371ac05fcaee039d6dc6ee76886362dc890fee5dd2fe63eff21219c04fe1e.apk

  • Size

    10.2MB

  • MD5

    4ec1ec4dbcb62e5a6821046d5c6d771e

  • SHA1

    7730695d5a5dd63e3b985b5b5e91f5ddcb90512a

  • SHA256

    dad371ac05fcaee039d6dc6ee76886362dc890fee5dd2fe63eff21219c04fe1e

  • SHA512

    7d007c62f77412b42f799d5b21a271b7105c94b9ff9c3b0716d6f1d04c3428f96b593c315ca0e925bd6a4f23192d3b5a2efc4edb7ee5abc14726e1b103be8d63

  • SSDEEP

    196608:iO9FHhdTaDVQ0QdH4ZnKqZY6FmTfNMpeRjO3E+DsChFhJ/2QFCpsqE2DZtLMA:iO/BdTaDa0TZFoTfNo3LsCD7/2T1ZtB

Score
7/10
discoveryevasionexecutionpersistence

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 8 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • com.frvr.fieldgoal
    1⤵
    • Checks memory information
    • Loads dropped Dex/Jar
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4266
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.ext.jar --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/oat/x86/fieldgoal.ext.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4296
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.dat.jar --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/oat/x86/fieldgoal.dat.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4393
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/TrgdqwyZd.dex --output-vdex-fd=47 --oat-fd=48 --oat-location=/data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/oat/x86/TrgdqwyZd.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4416

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/TrgdqwyZd.dex
    Filesize

    2KB

    MD5

    6811dfa770557f944be36ac93c63c2c4

    SHA1

    22f054735adff9a6cb8f5e9cfa5110ff3bb10ebe

    SHA256

    07d1612e55d00e224d35b545da1f8aeaa9ba013596b742e77cfe7c00890c1d56

    SHA512

    e86f011f86211296323c33a255665a43d50ecca77d0d69b31af2861de1a1ca6e9451a55e8e260644d749d23afae9233330ec4f81e791e0f01788ca069b8e6d84

    Download Submit

  • /data/data/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.dat.jar
    Filesize

    3KB

    MD5

    fd327e01fc71821d2b808a03ebfc49e6

    SHA1

    f6b8aebf25afce834c25678f9dd1726953d3bd67

    SHA256

    947c7fc669b674017cb19e2e4385bf2715de711dc023d07846cfb6daa4bc058f

    SHA512

    ce538c9ab72bff998d56fd802a96bcf6d97da6b0997f170ad89f7958f0bf988af528c9501533ca39d57ba861fee2c70d0755b420f4a96aea2e50760e67b1f433

    Download Submit

  • /data/data/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.ext.jar
    Filesize

    2.5MB

    MD5

    cca8ec13c13cafcb9230b5db2c37e0c1

    SHA1

    f891a725b712ff1e0597edc80d4c74785fac8763

    SHA256

    6362050b9e2e27525fccc94fbacf783b92244a74a215cd0c6e015325e360cf77

    SHA512

    7615bd27b5dff92bad6647161d1502a4d623b2999562e3e84d6ff4295581e656623c69357a003369e8c451c5f5e9fa356fcfb28b49fe7011fae0b6d30165e3b1

    Download Submit

  • /data/data/com.frvr.fieldgoal/databases/fieldgoal.db
    Filesize

    2.7MB

    MD5

    9307d0c700ed10ec34e88d5452c15559

    SHA1

    0e88a847262b673cd4c5f9c0e80b11c640f93458

    SHA256

    9de3421e7a29f38dd4b924e49919ee8c30ae6c8ffb4c30101e67e835b97db935

    SHA512

    8505c3a3c78a139e02e3f690d1a9dcb8d89451c07a4a535b8e3308fa29fe8a6d0e7865ced69c037420be73809de2494fbc3dd2735d6ec6b6305cd4cfb9648fda

    Download Submit

  • /data/data/com.frvr.fieldgoal/databases/fieldgoal.db-journal
    Filesize

    1KB

    MD5

    797264137e6f50ef8c698fb24ebf0d4e

    SHA1

    076b6ba63d045c0f71e8783de748c652c330ce34

    SHA256

    c65db19323b26c1a4e5435732dc38df1da1db6ab2d00fedad64adf5daac28b6e

    SHA512

    be09f703bad807fdc92ce6a5817a45d205b913019f4b12cc2707dbba24e0cdeafd920588d55e2031b3dcd5867ded06b3d49406215ecc67f33053fd8cff4ec623

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/TrgdqwyZd.dex
    Filesize

    4KB

    MD5

    3e031fe2a5ad88f1d6b0ea2838a76006

    SHA1

    c1a7648c2e81c9f5199320c3962d481cfaf44b11

    SHA256

    3dd829063b0617a6ea0defbccc0dd393e7076bc06850602503be0802b869a268

    SHA512

    a29ac2f858d3ebb1a47e6299e3fa86a92c89276f8c387f91b1dc4c3045cab2803fce662aaded488be484a4188df6e100a75027a961af3010cd0c2cf4ce6619e3

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/TrgdqwyZd.dex
    Filesize

    4KB

    MD5

    e5b0a16308cd121d14e68c347546aac9

    SHA1

    7160f500ae51054f102670f0223085b878f4b44d

    SHA256

    0e1035c6e70c499a336494f0b63ec80fd0e88b00f37e41e239d1ad010dc4ae6b

    SHA512

    140be091484aed9133f27b7fbf647fc402b66c351ccba3ad2d142a58fc2cc47526b10d2adf5153362dba718b6ae4329c724133ec099c82792008fa46b08aeb97

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.dat.jar
    Filesize

    7KB

    MD5

    ed1ff72138ad0f8f58ce4a52c24b61ed

    SHA1

    f8bfcca12b5c1fd2f840be30bbc3437f2f657114

    SHA256

    a06bddce82a5b4b1a184853b16a44114c65bb9028c3945094c00082af0fd5a86

    SHA512

    b7e27457083d451ea1f0400faec6d2d668ec270bdb091888c6c31340c4f9fe8493168bc40910996f4e4fcec69db697f547d9d0f4864fca524355d72eb705aa5b

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.dat.jar
    Filesize

    7KB

    MD5

    8eb3649c30fe58d5e53f5b6dee8a07d3

    SHA1

    fc9222a04810a11662e28c8272d26e6173be968b

    SHA256

    d0973f99cdc7f38a25171f854c61a0e78ccbd9b6bb2157a9bb4aab27f3920294

    SHA512

    a6d557b01d176916eec95d70efc63942e53b38281b88e7eed8ed1e17267c377cfa720fa2f0421c65d23352a57812bd9b9c91e6ba1b189c2213e1e4f2d48ee31a

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.ext.jar
    Filesize

    6.4MB

    MD5

    a7d1b5a55bc8a575559b536b87a114eb

    SHA1

    92917c3426de89184f41a861ad19047f029f48b9

    SHA256

    35863cfff0124d51308475c5f6b933688cd96ad879804348527639a253bcf7fe

    SHA512

    0ccc617268736d42de04cc8d2bff9c196fe685f16b601707a9c09c1383f2190b24dbaf77b61f6b49f7a2e6c24461df14769efd68ec5769cfdeb0957680fb0051

    Download Submit

  • /data/user/0/com.frvr.fieldgoal/app_jjcf7u96t3hu9578ehfr/fieldgoal.ext.jar
    Filesize

    6.4MB

    MD5

    859ab3d16841688db70f2879bdae6032

    SHA1

    6df811a0651ece59664c35992093fe12a25aa739

    SHA256

    6eb4d474c75a3c355c59f0b433910d9552f98aa8ac177d27e4d87acb76b7fbb2

    SHA512

    b2101f07de37c61dcd52e5c156277d5a7f8f562708da682056b0481da7fd6f7f53244cbeda8d2e1226624b5533c3b183196182bf6153701e1f5ecf6dd3c695b0

    Download Submit