9c068fa63a0a9c28a8b592a6cb68b155d657274cc87e2dd96b54471feb84b4ef | Triage

Analysis

max time kernel
47s
max time network
177s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 12:40

Sharing

Report Analysis Logs

General

Target

aa.apk
Size

12.5MB
MD5

a984c7b9ebb9b8b294b72eb82992fc4a
SHA1

7047659db4fae7a900c3f63bb9121cf6ba0b86b6
SHA256

9c068fa63a0a9c28a8b592a6cb68b155d657274cc87e2dd96b54471feb84b4ef
SHA512

5488558bbad789446e14289aaa001856e8692576a89865546e6e56736d57a57259992e6260105e92c25fcfafd04c8d70a9507e03400359c6804fa383ed72d04f
SSDEEP

196608:T/JuA0wv1RVvr7ouI3x1WUYKpoUnhQrXFIMBM3rWwXaAqwqOSkq5o13ATRgUDj:T/Juv23Vvr7o1xLxrk1IWeqIqT5C3F4

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

System Information Discovery

Processes:

com.companyname.app1

description	ioc	Process
File opened for read	/proc/cpuinfo	com.companyname.app1

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Broadcast Receivers

Processes:

com.companyname.app1

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.companyname.app1

com.companyname.app1
1⤵
- Checks CPU information
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4279

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads