Overview

overview

7

Static

static

6

app-release.apk

android-9-x86

7

app-release.apk

android-10-x64

7

app-release.apk

android-11-x64

7

Analysis

  • max time kernel
    27s
  • max time network
    144s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 13:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    app-release.apk

  • Size

    6.7MB

  • MD5

    f09627217b4ca1f93b56266f013ee174

  • SHA1

    8c796ce5affc20a4a1f494dd7d2b0a141c263c30

  • SHA256

    b6cd78d2dfbf8c5cb285ff5843d9f840c25c5c6a0f4d20a66ad492849fa11be1

  • SHA512

    3664d60461dbd0e4569905fb9dc835c91e5b4ba5efa2b44ea9d3a9bc715e30d9e8b3258c3b1803012cc79b64a7dd36fcfbdef26362c09fdb84db215a94d0c04a

  • SSDEEP

    196608:Jq4mrUCkzxdlm9IdMeMAfMCTx0qWEOOdlICV1H:Jq4m7kVdlK4Mc0qW9OhH

Score
7/10
collectioncredential_accessdiscoveryevasionimpact

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Checks the presence of a debugger
    evasion

Processes

  • com.elmecano.fleet
    1⤵
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.elmecano.fleet/databases/com.google.android.datatransport.events
    Filesize

    56KB

    MD5

    dca1dcfb60314081492e680b4b266f91

    SHA1

    4b0d3cfc543743964b8b0579fcd2625e9bd80b1f

    SHA256

    6e1e772a3eca5a41404d4d47fb9445f3f5e09db7af5d5b9aa2ebb06a18c9b734

    SHA512

    67a9b32f21643032192ddba61e27218f0c2a6c40d8963fbec77798330f43901e88fcbff1792173dbb7b160194461d157dfe726e95bf3f3e326a02767be634f9d

    Download Submit
  • /data/data/com.elmecano.fleet/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    a38e7f645ef9b52e0ab9b36026fa9b11

    SHA1

    13ee8277188fe411afe51e9ff259cec935b8f0f6

    SHA256

    f2a45546b34737e8570883f8b61dafc132c17bfae53b0ce64965e3c6f1123f19

    SHA512

    2012acf77d69723a564e33030a397b11be8bc3ba96a06f401f66fad2075b4605648c33cf94ec9ae7858736e7d43bfa9c9d5926ad4b27b551b0a84e12c3bae40d

    Download Submit
  • /data/data/com.elmecano.fleet/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    cab6ed18aff739a43f49e08f822688ba

    SHA1

    244b493f4ede9ba438f5656d21d42bc2f38e687c

    SHA256

    9235af12e4b7354d6b7fde09fcd6c049f13ee23b26d0b790e68a5481fadcb71b

    SHA512

    301e7b129c1a1f4849a9ea79257da84dd66f57f86c853eca1df78fded01b34f188d78bf04068db5fe0eb88407e7f53d8c5d5122e024b50b06d72dc2c3c9014ee

    Download Submit
  • /data/data/com.elmecano.fleet/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    8d75eba282e4fde1be5f800fe1598221

    SHA1

    13b16bbaadd4e01d5c3cb04fdf6438c5285025ec

    SHA256

    fe7edf1d1be1da8893b65c2906aa7182a8e8d8c3fdf6aa591808275746a98f94

    SHA512

    c0b3c601b2f24f36c7c2dea3b33581a84274b6cd4837978c0786a9badd1a1e021a0513f6ce636cd915ff1f47dd9128362af8601fb0e87038d1e2fb3df52880de

    Download Submit
  • /data/data/com.elmecano.fleet/files/PersistedInstallation3631741545932509352tmp
    Filesize

    90B

    MD5

    43d83782149062c17879ac348f93a62b

    SHA1

    8bf4712822aa7eb33f42fbd2f862a0f975cf6edb

    SHA256

    903c6f762581b594d0f5e2c234731888af3722c88b4e33b283017c5d01448a29

    SHA512

    2beac2f6ecc0d85c10e6cc30cc666696c0e92f352395acf154f6f06438c27b2a3b01897be2b4aac4a3c9e21a6e1082678568be21281366fb7d663ced009f9264

    Download Submit
  • /data/data/com.elmecano.fleet/files/PersistedInstallation5683289634683138082tmp
    Filesize

    567B

    MD5

    8064c45f788b246b74434b6ec4d58508

    SHA1

    cf24a036f1fc9ad2eac4d04d058ce4d58264a2f7

    SHA256

    cd8840f84e3c0ee648045377400120d5a2bd0d3f5476c6a8ba756b57180fef10

    SHA512

    16c820c0962cf33420e48e960ec325fb7f119eea9e43adc7f28cded9c93e0ff5490c8d3e9a6aa93671b6e705976117729715f72f422c7f483fd40dc622b268ce

    Download Submit
  • /data/data/com.elmecano.fleet/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    e727ff9b5c2a5f3cdba0dc086eec033a

    SHA1

    40448282dda8951aff91874465e4fc5f6570fa3a

    SHA256

    6d0c7e6cd6393a01772dcea39d29d947b3d97f944984247cdea19c059e72ef0d

    SHA512

    a096786435b369d2d5f70cc44781ebde90ac7b231c23f2c1b185abf3209564237f264ab9a620a0ec3b990866de9384601e97c2727f5e2841a5005a05887cc1fc

    Download Submit
  • /data/misc/profiles/cur/0/com.elmecano.fleet/primary.prof
    Filesize

    2KB

    MD5

    89aa87754c70a0ab40db027133c8a296

    SHA1

    dcf61e3423a31635298d6af542c731ccf3ae9253

    SHA256

    85a8a2c0b5fd719632987a1836878daf5f24f28b1afc9ede9dc907a7825b191d

    SHA512

    7705706793f989e2621804bbcccb9ce8e11ff19a3a49f0df83866250899d766e104c99f2da52d1734ef22d28cc278eb9268b210317cea9601702a62bc2d22610

    Download Submit