cce4fef97f4082f8f650d01ffc894f0dc952ac9860d6c6e4bec75c65f3837525

Analysis

max time kernel
3s
max time network
181s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
24-05-2024 12:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

enjoy_sdk_test.apk
Size

4.9MB
MD5

32a01ae95fe645d4475c62c635127724
SHA1

c2af9057bc9cb588216e8069452658cad640c1b0
SHA256

cce4fef97f4082f8f650d01ffc894f0dc952ac9860d6c6e4bec75c65f3837525
SHA512

914013167e7e71b66a25fe866aa4ead606faf0fe07f16290e20fd616fa4b3e744f04de17567750d968a9d1700b28dc539c61918d1568b66279dec726c87ffa03
SSDEEP

98304:UboEqpeyEW7FZPT37cXYHzIGhv+4U2f1T5MkKrD8k39Q8MgmO5:kmECZcUzVtCnD/9hMgmI

Score

8^/10

banker discovery persistence

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

link.enjoy.medium

description ioc process

Framework service call android.app.IActivityManager.registerReceiver link.enjoy.medium
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

link.enjoy.medium

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo link.enjoy.medium

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	link.enjoy.medium

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	link.enjoy.medium

link.enjoy.medium
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5216

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/link.enjoy.medium/databases/google_analytics_v4.db
Filesize
12KB

MD5
6da302a2e5fc0263420684f38a00e3fd

SHA1
9e1c35e91c3b84600dd8ebc10e072ccb91b5895a

SHA256
a9b2f6227429fd83edc4db9e62c5e3f8c45b55598f7b10c3132d6b339283c8d2

SHA512
6e91d3076e4f382a5e4119e6429b90bd4d604c858acb4914e8b67226f4ad0626e29726e09d12965f075ac6aebc49eb22faf0f5c6a286913aad9515887f91fa1b

Download Submit
/data/data/link.enjoy.medium/databases/google_analytics_v4.db-journal
Filesize
512B

MD5
1f9ffa1a8adc1d463c0207c51137555d

SHA1
ca23aa630b63cef94ab55cea78e6253d9ac9d56d

SHA256
9efdf3abe57031d01ba2674018ea28d80eac65f705617db4eb5fb12fb678823f

SHA512
012066a0ef2f7ee4e04d4f1a4fd6ebc8025ac5f99ce31facd7eec64bfab2525fe227ecdcd03b5251c14b465ac864703c220c88e295c24311a5ca0f16f18a715e

Download Submit
/data/data/link.enjoy.medium/databases/google_analytics_v4.db-journal
Filesize
8KB

MD5
b9357b7fa7cb1db4e20be894e3547b36

SHA1
09ada9b5c49dfc1ffc9897d033f870186e31ec56

SHA256
f191ebb8fa13686cbf86a8b85d058119f097da72f09d1eec83e4cf258b33a1b9

SHA512
ed02987f27aeccf341d715adf2ab921a742330dd2f83d36b1057be092c1ffcfbd0f9901d5f6df7d8113e0b6119c4ea275ee08cec71b3a311a17c5087db1f77df

Download Submit
/data/data/link.enjoy.medium/databases/google_analytics_v4.db-journal
Filesize
4KB

MD5
92a300e1d05b1e2a032319bd34b1c632

SHA1
fec7b0fd879c1923b434ed7b017ca84baef6bab2

SHA256
b9d941e9816a77b572dcef9baaea6816e4f83dc2f7e2e0c677dd53f1a906c656

SHA512
f8dec360a98a96a74ae852f25c15a5133080be573318ed2ab3dde92e3a343c657a176c9b662d74755391514e43e0d200c4da0ac0064295b358c4fb754cb57e94

Download Submit