29f5d4170119074bc3f183ffb3fdd3df58fcc8d1699224479b707446def3587d

Analysis

max time kernel
49s
max time network
142s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 13:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app1348972.apk
Size

9.6MB
MD5

ab82e8ded42352a5c2c2d5b735dde0b6
SHA1

19b5ca44208e04aad2c2e1720b8f6041b9873bd6
SHA256

29f5d4170119074bc3f183ffb3fdd3df58fcc8d1699224479b707446def3587d
SHA512

8e234bce02a717f0a249d56c8bcfa965ce646369a1ac013d273da87a4d54b30690333f95107f0c6c9a973a6777d58b2c55a065471f0aa8142d5af9f3dedc0273
SSDEEP

196608:hmO4rYye2J4LHARjsz+JCPfvBdae7KVtUBmG8+ZAwzQ6ZLOEmsHzn2:hm1YyT4LgtsaEvBdaeKV1f

Score

7^/10

discovery evasion execution persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

regio.play01

description ioc process

File opened for read /proc/cpuinfo regio.play01
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

regio.play01

description ioc process

File opened for read /proc/meminfo regio.play01

description	ioc	process
File opened for read	/proc/cpuinfo	regio.play01

description	ioc	process
File opened for read	/proc/meminfo	regio.play01

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

T1407

Processes:

regio.play01

ioc	pid	process
/data/user/0/regio.play01/files/audience_network.dex	4261	regio.play01
/data/user/0/regio.play01/files/audience_network.dex	4261	regio.play01

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

regio.play01

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone regio.play01
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

regio.play01

description ioc process

Framework service call android.app.IActivityManager.registerReceiver regio.play01
Acquires the wake lock 1 IoCs

Processes:

regio.play01

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock regio.play01
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

regio.play01

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo regio.play01
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

regio.play01

description ioc process

Framework service call android.app.job.IJobScheduler.schedule regio.play01

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	regio.play01

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	regio.play01

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	regio.play01

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	regio.play01

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	regio.play01

regio.play01
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID:4261

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/regio.play01/databases/appnext_dbs472
Filesize
36KB

MD5
69f9a3cbee94ce51bfd16edf2cbd31ea

SHA1
ad9caf25250503373464772d8d8ff077d98f020a

SHA256
c3757d0124d83163c230f91c1ecf5ec189c1c08f9ab6ac6eaf85594d8008ac92

SHA512
d58ebdcbcdb2f28fc9aa73c80022776bfbcf2521e8e936c88c2446d6507f54762c113e91df04076709efdb9570c8152c1c6bc4d0a32b2632ea8906dc1a21f8c3

Download Submit
/data/data/regio.play01/databases/appnext_dbs472
Filesize
20KB

MD5
54456b099571950985971db57c6b8533

SHA1
346765461f5b5afd18d34106e758d15c4ac072b3

SHA256
aa0f3512361569ad1a4060371c7a42ec84fe5b1a9e10252f105017e7ee3e2850

SHA512
ae3310c72c0d19abf11bf7f8835e8b40459220213395ecc2f4375f747da38f1cc8bc06016da7d53872d8bbfd2e7169f6017d29469cd9c069aa4b3e3ea35b8039

Download Submit
/data/data/regio.play01/databases/appnext_dbs472
Filesize
20KB

MD5
3a2f3dfd10d8c112c1c83fba9db5e403

SHA1
68b6a2298df6f35f3c66baeed4ef2f3d54e8505d

SHA256
bb976b68ce1ae9ed62529cd2c5246048c1f896a5fd78d3c4569d70055065bad8

SHA512
fdf94f846091726ab303d2a196e8a907061540d123feba7176656277dea8f4b129789638d3ff4c8ec7e5ea922ad2945b49b0cc0d8964811c1faabe50a8f8f6f3

Download Submit
/data/data/regio.play01/databases/appnext_dbs472
Filesize
36KB

MD5
d5905a36c865d37ebde8e6f32c5bc959

SHA1
f20e045d2ae1148057cebc4610a354ed9b7f7d84

SHA256
57a0d47aff9c6773d1da83ea4add5133ff1edcf950b5ae0b53530d2fe3325d7b

SHA512
29e31d1fc61d707138cd6ec42bf4588dedefb1ca525750ece07ede46b9cea1c39ee8dd416c4bccf7645fa1242a4e09d4fb86b019b885b20d4c2904e4986847a4

Download Submit
/data/data/regio.play01/databases/appnext_dbs472
Filesize
36KB

MD5
e5671d3af053aea048777fc7a47f9ef2

SHA1
b98d88b0766936626ef8a6a83ae728df10b3f02f

SHA256
d88b7002ce2131adcd01c4945953270ac7f20a370784bbfdeb7eb0232aa9a749

SHA512
aee0946af94875446d05001b54257c67a6c1bc1acbaf497180a12a34d16068d44b381db089606d9ba6520894402011889966f464db179ef585556066a27e38c0

Download Submit
/data/data/regio.play01/databases/appnext_dbs472
Filesize
36KB

MD5
cd2345d4543fbfecca8d2b514c71d85c

SHA1
deecbc1dd345cbc3ff0f4d88085a9f8a75a8c715

SHA256
77a74e78638a96db461e51d9fef951b23432e1a5de3fe163d0e7406712cbf2c1

SHA512
e8d937245cc01886e70027ccc952730bc77b9159353ab369ec89ce0758a27a714b55e0e25ef31752da6df31fdf99db4ed7cbfe75acd782b3f429baf416319275

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-journal
Filesize
512B

MD5
eeaddd33683e48f58c01d32f199a0a88

SHA1
491b071667b81dff1f9a595a897fa327606b4454

SHA256
f6d3cf8e48e5a9428321840586069e039f739743c0ad9fb1ff4dec5ceb710f91

SHA512
91c0c44614143c370f1c3ff86ab13816636bde03507909af74a4e2a169d67f9ae809f1e3196540c7dda175f4e42fd0c43aced6a642d510ab12ed2d675fa1a419

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
48KB

MD5
62d75d300eec1544ce5b986f7d669a68

SHA1
cc4833636a21fc429623d328b0f466d2bd003673

SHA256
40a3989ce5081aac4abdc53243a8156ee137220210ffdbd345cf456b5b757784

SHA512
daef3f91d45a55697d75e593d96d142986974e7dd55310108734545277faccf75006d8281f581f9e21170830bb6de2c2df73af76d1cd941188983cd7bbf9b4e0

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
4KB

MD5
3a806ca8a341baa307d00ea6c3293599

SHA1
2090542bae65188bf65f7e494a410c5ca4ebd465

SHA256
617e69b59a418d1e39d65ac7fc14f4738350eccd94b483ac4810f5cedf3f3236

SHA512
dc87012e240fbf01c0e63a0f5f32564d2b27a2e75ae2021817bcc2c4bc05e4d02226d06704f227626f203d7cecaec2dc366853169a96172ab6371170110eed1d

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
4KB

MD5
7b7cd303885e018fcd82df5962ec7284

SHA1
8a91e7dd3bb3939ffee9952fd1853bed2517d605

SHA256
43a905de82d37aec48808722fa212535c6f5a766e389265ce45357f69633a51e

SHA512
45705d8cb03f238c457700915a4314a9e630af8de6370c152c104b65d3498b0d2bf11818e97aea4b888fd6ec8d4824ef95d97aebc541c0f30cc4781890086ffb

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
8KB

MD5
d0ff7e9c8286bf3313212a715d5ac5e5

SHA1
65a01974af60495ab85d91a0fa3575545051e77d

SHA256
32cb3726c732d1f0208e54076c09e1dbbf178a59e17e8cdc98e88e93484ea1d5

SHA512
473854cdbbe4fa31e7e8332df477b2eb75c2b310e878f149398f17e5c90c12898eab31640e82463547136d881348189a7fe7155b544b7950af2bba8bde7dc92b

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
8KB

MD5
450a545bf9d8e4d747ed8a96f03b41bd

SHA1
1b69b3fb3c16c4fbec5e39e85f0351270b71bc90

SHA256
3abac3207e0db425a734505b5d874aecb07c5393e5dcba428913a4c76f15f55a

SHA512
179a01024a6dde760b52075bd76113f688da5429471836c84a74e262d2adf4df70b4ee5130a66d53f4e9ce5e1fe556a127f91bc1c5e15e4f3956923df2b39af7

Download Submit
/data/data/regio.play01/databases/appnext_dbs472-wal
Filesize
8KB

MD5
01affabf23301fbebd7c9ff7768f4e20

SHA1
2d6417f486b5c053ce608da01244a99bfe6da277

SHA256
cf5062cb54909dfc6deaf2504bd702039beb49683dceec9b5d4bc89281b69be8

SHA512
5cab1918f925f49ed932d2380351ea162cfbaf0db658f4da13d1ab9d6ae9fbe57d7a1efd62568f8f710ce5cf2e20b18cc202c81b7e1a475ab5ddaf7c8c560e73

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1954adde6379241c1f9312f2863144fd

SHA1
2e758ca5624a53303495d46584a3589561dd0366

SHA256
57e925d0992924ae44981f027a446106de4a6d755fe87dea40f724d3b9869ea9

SHA512
0801655b3555300ca7fdf9f671e80a0b33342517a06f14dd4d952f86e91925d7034098f590fff5a9c75ff0440c5f490d02ae65962cbe7e9bae80ea58add42cd2

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
0a1998c5bfe5198cac9f5bc2c1f2643c

SHA1
908334877dbbb6628aafe0befddc73fe5a61282e

SHA256
5f2bf7d408e96aa7cfb679c620cca2cfbc821d27cf98930b76a8e3de41e5e5a6

SHA512
65e70814179af1db1e09bfff42b833613fefde3999fa1eaf4852b61f2968b5e5c4999b14af0a62548f11765da6a425c96cbb9c1d32948864ce879337c1a5ac83

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
f036e5bb77751e692155eea94a965a95

SHA1
0ce3c40b49b80b22bc42674e02de43ab486c9a44

SHA256
9e5b6df794be6b1743e12b31f25c48ffe71a96e1779266bbb2cc4ff6e24e7643

SHA512
e54a9a8589c101ee60b00ee76b9e81c4a210f1bca37bc6e1a9d31dfda8b5cc67584faf79ab243de107eddc8088b30f191ba0fc2ddf3ed6b5560c811e3b9d39e2

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
5491283852b953da1e7dc32eb3f7a68d

SHA1
fcad89a5c377d488aeab674338c0606ea11292a9

SHA256
f163a0b98e98aa62654c6ab7960b917e5901219933e3216f5ad9f687d637c398

SHA512
fdc7ffa466892feab90f4ea48275ec3d4271c4477d19cb217f7c57ec26972f61ac1347b81000960fb42d32698202209597747f1cba5fee1dd148cc8c75b893ab

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
6c63ec68448b2ccb3e73efd3b7431baf

SHA1
f2a90d750c45b2be940af9c2c8c0900dfb106ea2

SHA256
ccb3be23b31dd860264e017d4acade68f0cdb1d89bce1b9fdff8f7050e4a5487

SHA512
fe358a118db55e34ced9a7427fd3e000eddbae1d3f0906a59018e00f06905321a34d112f272d969a76cc6c72502e5447fcb3d3fe05d8ac19c25d09c5234e051f

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db
Filesize
16KB

MD5
4b36cd7f6e56c06286fed634c8fdf1aa

SHA1
e69fdc36d4550f5d539fb7ea5015998bdcf08b76

SHA256
2f7651745c62899a2dbabada36217293dcc1bd3c994b92b6184126cfe65a6088

SHA512
87766d20efd96f7ae328b8432172eda73ddba763c707d7f2682bee2fd3bbabce902ab68acf4bedbd3561142211ac78f9f01df8da1356ea150058f70c64f65216

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
68458c3f185b8de2e8b8a161590d796e

SHA1
5790568cd2a900b7dde052f04a2306ee5e0b7de8

SHA256
5bb57aefe926a7575a18976b6f739828c95c6b287c5e752649caca2c854b2b53

SHA512
a3423db3ade1fdd867d6a5760552ab16aa02ccf96fd37a112d43d5affd0c80f33f7532994ecf4401fc1c0ca276e9d8b232e1ddda030f81a49f00513bdf61aa86

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
4944629ab08db3e984898b6d7c2ddd8f

SHA1
45d8b9451180043ff956de4004cb046011de3517

SHA256
8e301a5a49422a5dd95fb79773d1ec7fcc820230c9c49c896696cac0361a96cf

SHA512
d0d399df6b0873e6fde9e918c2745e92e037b72937fe457f25eb17f62c66fe3f9d8fe748c73d2acd86e6ffc6785995755a83d0cdc124276c4daf54a88bb8afea

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
5436a5adf59e3f6e29e29cfde8498332

SHA1
ffda8371a9c45b05d2e0342dc9cce195dac26cfe

SHA256
a988a2f953fa0ac6dfe8a59a8d1fbad4d3addb8f5ba2f7deefe432c70ff8ed41

SHA512
741e82f1e7ab09de9958a0632f74357eb96619dc9a8b3a698bfa11eec1afa783e7b91b315c63f038bb89e61ac23bf90ada4da11e04d6b1ad05d692085063746f

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
52e003dca87cd44d5e84c586da220bd4

SHA1
82d4fda2e42202caa6ce808b409485954e9f2c4e

SHA256
80904d7ee0723f5ac74e20f495bebe4fc16e64b9e7a17219ccddfbf4ae77b276

SHA512
6d11d6a5addc22720db31d736f59f3ceafded0be8d75203d61843b8cb79565a0d071b315fa6e104020eb4b466fb318c17e6dd5fab44ee35e79755537eff2ec8b

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
c99c6ac7b3a50fb24d9282b38ffc03ee

SHA1
09036a6353c7be6b9dc9cb8ec31ce38c71d47a3b

SHA256
357b17b8ac411232c214ae4eb75983703fb5576c166f223b684b31895c3f4b84

SHA512
c9e51ad5e790746223f326a25dfe685544022e087d0e0d98034ae6b7a784990befc8ff0aebbdd469d6c4a9386b5553fd3f83f85d6ca05b1b9006ad1cd256540a

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
b9b10b1dcaaa82e88c28a727bc6cdab0

SHA1
ac0500dd9def194fdfb656769c7c157fb6652282

SHA256
a7d091c52d05957a0294f7b8ab7f9db72d26e6810e34eda6131bcf83cf2614f2

SHA512
0fd0d0879df950d6109a978f324194c68c66c5d1f4423f89bf82afa201316615ae24d0921666474975520f8a50c08791b44043238db84552c53a62f281b7fbe8

Download Submit
/data/data/regio.play01/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
8f32fd10832da417c71281d87143aefa

SHA1
1e704a015a04094d18a281b0e430728dce38d1b9

SHA256
331095d77ee11173f5e986c71cdc49c7e13c7947ca89ac833ab52be6913977c7

SHA512
b4254352b7b9ac06b3cbb4e5fd3bc6f1f7d54f62053cfa6da25621c1d34f0deb4c7e37365ec76cfa2e825efa841661df64637a3143a8abe56612f5c4c9856aec

Download Submit
/data/data/regio.play01/files/audience_network.dex
Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/regio.play01/files/oat/audience_network.dex.cur.prof
Filesize
353B

MD5
91ed2ababc59198c300965b3652b2532

SHA1
3f271567a0af708acbc8f11516a676045686ec81

SHA256
891f6518cbd8e6b191ccdd75b3bc099118689259a6d070dbe09982a726263556

SHA512
8ad6bdb65bbb66c73a4d54b2ca3931140101fe5b27ba0213ebb856f51ff68358c750d6ba0d2176db8cb50ec6beb2f704d43f1dad8f6b2ca5f38044b4ed8c5261

Download Submit
/data/data/regio.play01/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
2707af854ebcc0a4e6b7e40dc2744c01

SHA1
f6cbef835e3562330ca3817160d23250fb6ab5c8

SHA256
0718e3bbf662a9c799f5ee3f52d8980e026886a24d9594122de3ae412ada8a7a

SHA512
58de45f532353caa56d6588f75d11330e0055487c5f03c2b64e5a2265a02699ae51cdc3ff0caee909ccbadcb2c55fb81a596d7ed4e42acd1ec3b64dd0d3feee9

Download Submit