dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387

Analysis

max time kernel
179s
max time network
147s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 12:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387.apk
Size

1.6MB
MD5

b92d6293a171226e6b932c71a1dddbbf
SHA1

79664108e90d144fa109143f91a5e297ba20da80
SHA256

dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387
SHA512

3965314e69d4c52758b76fbe605bc1be6cc70b191fdb50be0c6d55f3fe1fbfb6af603cc3fc72fdeb53e8d686e186d0d6574e3b44961b8217f8bb1d8f30b095a4
SSDEEP

24576:32PiBPX83UMau1jKjbjEgyI/zV0C3FyqoEhpMjQ4OFXiWV7ALtmX9bFd:3LX8+uYjbjLyY1miLCLtmBr

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.greencity.highdive

description ioc process

File opened for read /proc/meminfo com.greencity.highdive
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.greencity.highdive

ioc pid process

/data/user/0/com.greencity.highdive/files/7a5955f0.dex 4310 com.greencity.highdive
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.greencity.highdive

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.greencity.highdive
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.greencity.highdive

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.greencity.highdive
Acquires the wake lock 1 IoCs

Processes:

com.greencity.highdive

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.greencity.highdive
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.greencity.highdive

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.greencity.highdive

description	ioc	process
File opened for read	/proc/meminfo	com.greencity.highdive

ioc	pid	process
/data/user/0/com.greencity.highdive/files/7a5955f0.dex	4310	com.greencity.highdive

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.greencity.highdive

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.greencity.highdive

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.greencity.highdive

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.greencity.highdive

com.greencity.highdive
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4310

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.greencity.highdive/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.greencity.highdive/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
3f163ada6479df75c00572ff69a9c93b

SHA1
f2ce07240dc285d85ae2621e53724f2dd415fe85

SHA256
559482d070b9f2b07ffbca59fe456b1b13cd230996fed66ab0210c80d116ccec

SHA512
897707341b9f88aed357f615ca616ec33a5739dc237887b3dd39cffe4b1fe8537f8bc1905f9c405e1a9964b77a75d24169ae8521ada8c21bb099e9dddcb9a99d

Download Submit
/data/data/com.greencity.highdive/databases/com.google.android.datatransport.events-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.greencity.highdive/databases/com.google.android.datatransport.events-wal
Filesize
52KB

MD5
d438ccd80f5aad9b40b7a27d6a85b145

SHA1
20285f1852e32b3e1bd7533f3b34cc2515cde976

SHA256
b0e93cb9ea38a611a40397748223bd922373ab4b2945baea9a0c19e06c54334a

SHA512
4b50ec63df3115761e648461913c55a00bdfd818ef129c02447330e8037158c5ef3dd905201e44911885cbfa158d722d447c0e6ffda9d40bbbce01e7a383202d

Download Submit
/data/data/com.greencity.highdive/files/7a5955f0.dex
Filesize
261KB

MD5
6541f54e96e194c048387b57f9422f28

SHA1
d5e6cdfa18ff910ee848e498edcb57190a346770

SHA256
c25c28bd3de1b460f42aa6210f77df7f605f7e1bf4ae78d72531d9dbd453bf31

SHA512
153e393a1631e4bd06a5147ff004a8d854805da71d7325cbe586edc6ddf1499a408b63cd0f1217231fefa532003f347d0fe076d199cad7a52ce3b0325e7cf5a2

Download Submit
/data/data/com.greencity.highdive/files/BGEaUZrY
Filesize
495B

MD5
b52101b975342797f31e5ddd674cb32c

SHA1
267368b2ea5acd703e990b2ed129795dd82f3bf1

SHA256
0d27cf2882e0439a1c52c165d711645f712471d15bf7e02f40313c2c3a88408c

SHA512
cce10e376601eae7a49d6d3f627fd91ddf3234ca8c15c5ce648af89393f2d9ec47af4af2a5bf8f80baef27c6804b3859436069d7e5ceccc88fabcfb728904e55

Download Submit
/data/data/com.greencity.highdive/files/BGEaUZrY
Filesize
743B

MD5
385fb5930d25df3bf6cfb5dd696ee152

SHA1
4000fcf7b3b7abed09edbd99de9720ab96f2a632

SHA256
e6df7f45bf239ebed06ff894e36edb1fd58b0c3f990fa635115f6f2bab023556

SHA512
178bc0ea995e8da0d04965cb4dbb9b5c102880ec25c9064d8613c8d4ae11fcb7c0c42730f38b3c1aa3a564214d9dd4f2fe092dd81ff3e2eb5e24c57062b23588

Download Submit
/data/data/com.greencity.highdive/files/PersistedInstallation4988131926035807111tmp
Filesize
90B

MD5
a2a8302b00774f9159328fb9ca2f660e

SHA1
d62f844bf32c1d0a3cd170251f03603e0195eb79

SHA256
50fef815c0a215e93258e0d5ed993798cab5ef089b056b0a07864c80e1b98e9f

SHA512
b5514107dd4473e446e9980ef38566f5d6f115a3afd2cdc2db501e4eaf9df362edcc283a8eed581cf94cff28417c38574b6b9969520d6fa8b851082da4cc0201

Download Submit
/data/data/com.greencity.highdive/files/PersistedInstallation8457414724973253321tmp
Filesize
570B

MD5
3392c3c74416aa6bcf9630bcd81d7e28

SHA1
74fc57fbfe2a3f3fec804b7995794892f1081e64

SHA256
009a83577baffeb396c8071517f443f2549d69300e4a43ad3f9586b741d78ca5

SHA512
58ee272d68bdd969cb85420f2d22570ba7fb287567b3a0103eedd46ec21b18226c9a06c8e4095a394a2477f27004f58d7d14e77c5dbb6ce4850c21929d62ca14

Download Submit
/data/data/com.greencity.highdive/files/TrPJFdsN
Filesize
336B

MD5
1d4609284914f71c47af19533a460464

SHA1
a6014ef15541337cda17c14d39e88ff6d823e430

SHA256
aab931c323b30d9f415c7109fb995caa80a1014ac101732c29cf727f017fe42e

SHA512
a79eecd7d5735416a723ec92990d55b46901fc02dc8723965ade130a2ba272971aa027ad74203ffc0fff41df1758248b286356e0ee5971317a3e40e298ab426e

Download Submit
/data/data/com.greencity.highdive/files/TrPJFdsN
Filesize
336B

MD5
830a971ce2cb8d62be1e532cfe77bf46

SHA1
ba69c9ed8664d0335f0d83e8f0e51fcad91e85af

SHA256
1737a5623b7c9916fbce857bb39cdaedce2a6184215d2db4ab9960d089033bd8

SHA512
c23ba430584dba61b46027fbf2423f93e2fe75238cef75baa88cf8849c477ac60c3ec9f581494cf16eec3b096a88925551ba0b319acf08652d5375b1c1ff62bf

Download Submit
/data/data/com.greencity.highdive/files/TrPJFdsN
Filesize
336B

MD5
75fc68ddb9ef4c174c1951cea83e7567

SHA1
b1a48938651e649f721031ba3c3322513412a094

SHA256
8411243688d380f6f9fca0661873685b68a71289db0500c4541b5cd9bbe5c2d1

SHA512
eef03c8314ce7fc06ca27717e617adcd91bb4193e8f637f26ec4c31eda68a6cb1743d833b1775df772e9b8177fed72a271f755ae68b05da30288ca5d30d18bd8

Download Submit
/data/user/0/com.greencity.highdive/files/7a5955f0.dex
Filesize
613KB

MD5
fe14e95f31460cd2332e4ffb8e4957f5

SHA1
04caa3638ac98987e15070a97f8789b7a62ed0c6

SHA256
65cb45562d19755d4e7b4828389f4ac6df804d80188d43759255f50ef72a0b5d

SHA512
403b053a3aa7314f928cd6cb89a36346e23edb074f72064607b3d2c6ad419a3679b5110ad63a06a25b5df0ca30b78f025301d218d7eb204e719577318b12f2bb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads