Analysis

  • max time kernel: 67s
  • max time network: 154s
  • platform: android_x64
  • resource: android-x64-20240514-en
  • resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted: 24-05-2024 12:40

General

  • Target: b2livecam.apk
  • Size: 3.9MB
  • MD5: c9f96cf69638d9644e2a31ca656ac8f4
  • SHA1: afae9b0c961119acf66d977c0d22814b58f32451
  • SHA256: f69b553926e56ee3790db11d05464c31e9ad14e561842590f7ba2e155999ba19
  • SHA512: 8c53b239230cc2ef98082a6e0cc6723b10f6195e0e1e96e8bd934ca5b3357d6c2425c91e7fc8faa03f10f3b23380a71130206dd9c36506e374c64fd316fec851
  • SSDEEP: 98304:wrL0Vvg9pn6hnEG4hx7+FNFbEbW4u5UXLbZ+Or2p+:wr36hEG4+jFoC4uGLN+gL

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicates whether the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicates whether the system is an emulator.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Reads information about the phone network operator. 1 TTPs
  • Checks the presence of a debugger

Processes

  • com.b2livecam1.appdeploy (PID: 5102)
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available

Downloads

  • /data/data/com.b2livecam1.appdeploy/databases/OneSignal.db
    Filesize: 20KB
    MD5: 372fe282421bc6428982711c5d55df1d
    SHA1: 9078e7129d36d71c7ca7aec22de943aa48c35c51
    SHA256: 22256171fa702f6f63896f2073485fbe6c3443f8078102e215409af85949a171
    SHA512: 55fb906cf45f476c049b2fa5036d8a0c42b44c7adbbbf8b0aa853b4313f94d3b884c8c7cc1d5c341a1c79bf0ff1e4739239dbc6d30b6ab8124bd1d63a43f4487

  • /data/data/com.b2livecam1.appdeploy/databases/OneSignal.db-journal
    Filesize: 512B
    MD5: 264076a97da811dcbb42edff70f7c2cd
    SHA1: 8735dc3554dbbc10772d329c868f5b6d852b7521
    SHA256: 9c0b403a702373370f3a3d8cebe9da59d82b7ee186118eb321f4ecec70008b15
    SHA512: 4a0ef39aba80ccbbac387721fafa5e0475592d01df84e47cbbeb70a58339bc482a032a0cec7e18cf25a125961642ee59219d1e7f73af1e39f7a45a027aed5ab2

  • /data/data/com.b2livecam1.appdeploy/databases/OneSignal.db-journal
    Filesize: 8KB
    MD5: 3de28bac604fb1001dcb58fe736f4b25
    SHA1: f4d416856a81c6909c3ec8d731eacf74bb5320a0
    SHA256: c7e1ea815795b389c03f2a94c10aa8730529f2259c6890b094df90239d5f9a81
    SHA512: 7101c5dd481464e45e6bc89894824def98cb1914ecddbe657122c99ca8b2e53a022c289cf2ceb2bb5352e08d7ed218d3a9b2d4857b11aab949caba443235cf1a

  • /data/data/com.b2livecam1.appdeploy/databases/OneSignal.db-journal
    Filesize: 8KB
    MD5: ce667a20c8da9d779f37519ca69fbb08
    SHA1: 269f51967f035962938f739145cc07aabddfcda1
    SHA256: 1cfe3da7986621249a126ed332fb26c6a64e33641800dafafe27b99f394f3964
    SHA512: 861d13b6b3139050a521d0042b6fae3ea40839aa77714a9d94d1be3b27f263e4a6e7fee494f7935f9b7cfa3d4dab45536494f95856d28b411f1d66732bc1de0a