ebd45f2c42a49f46aca69b686dfeeb13e7c1e523139ce5c1f8667da5196c4d78

Analysis

max time kernel
13s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
25-05-2024 02:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vlocker_default_theme.apk
Size

768KB
MD5

07c4fe4c0133afe38c2e6e73237c7071
SHA1

c4043c11ed2e28e43d637f95e9f19d763ba5d37c
SHA256

de74e14818f4313157aaf3544e3627ad3c76277625f64e1e0321dc445dc5afc6
SHA512

a61fafdea86410ed64a8e40be48e899e62c35b8f76e350f5fd5d77bd120507495c052b81833a5e357e9a5ac3651b3e325c033b21fcfbe1064752cd31ab9ed953
SSDEEP

12288:NEXVh9x8WUfyAfPf8fyfaNf6fZf3fofU9fffffffffffffNfa+ElGiLKK6U5+Ff/:KXVhH2fhEoeP4pdr84ru+/oNwn

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93
1⤵
- Checks CPU information
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
PID:4287

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93/files/mobclick_agent_cached_aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93

Filesize
107B

MD5
7305c63dd8b39ee68d2f394d9311896f

SHA1
f05ad782bcc1f0e3a1208f672e5600a3a209005e

SHA256
b36ebd65769e0aee08b020287a3c158f5b5fd6bba4e15b914e9852d3e379a6fa

SHA512
610ae467e94a27df50c39602dbf97ccd842dacf5fc39cfae93c43018b5dc6f22773d23f801311e06e6b5f5a82cf12a201f529e12be70645899c9ac685c0bd48a

Download Submit
/data/data/aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93/files/mobclick_agent_cached_aimoxiu.theme.mx6b80629bef74ccd8725887f0a44b2a93

Filesize
192B

MD5
f0681ef132bd17fb19a0bacfe0ea5418

SHA1
4975d1309aa2fe71a8e6ca7adaf3f24c9bb0828b

SHA256
3c8ab4dbb4850e6a1862bfc570bca99b0c1f14d271ad0540e2470ba040223685

SHA512
2aaca2013ad817224ce1ca43e77728434bc4af8862ca14665d482b234bf1a0d6cfea39291b15c7ed84a36563146c38ea83cc633803e473f5cb5a89d521932b80

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads