561e4a360da1048aad44d97a4eff10c7a95133126316bfe93f6b5061aba9f6aa

Analysis

max time kernel
18s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
26/05/2024, 13:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Boosted.apk
Size

5.9MB
MD5

064975c19037a3085b6d845a6f8d0f05
SHA1

131410e2de2a82f3ff533f81e9a8a6ae9214c10e
SHA256

561e4a360da1048aad44d97a4eff10c7a95133126316bfe93f6b5061aba9f6aa
SHA512

1b7074c72b82e0d3f60231f01969bb4a10c3b3da435a45da9c924b826f92f4f672f96775341df4ae3819240475fe17b3892e51f04c03ca2c01885996a295688e
SSDEEP

98304:A608kAmt3Bm9CAG+c1DNNrw9Hr3QANyFn7UsuqSOhMi64ag1BhfExcji6NsWmg92:S8kRtxICAG+YxYsAEnueSJyM2ji8JQr/

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.boostedproductivity.app
/system/xbin/su	com.boostedproductivity.app

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.boostedproductivity.app

Checks the presence of a debugger
evasion

com.boostedproductivity.app
1⤵
- Checks if the Android device is rooted.
- Checks memory information
PID:4315

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
a6857399288aff07ffd1cb0b92419ad4

SHA1
b13ac91a5ab10996d302165a7b8ad3d55b1c12c2

SHA256
c51c12ec947a7638d7b178cdbf06a376e920c95f1899c46adb890238999ad9b9

SHA512
1243ee48e2a56fabe5a6120623a5bf5a9377200f14b926d69099751e118d8aedb523e9d9d50818a7083ab32ededc963b22f26f85c1ee666d20d5106d115a4da3

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-wal

Filesize
52KB

MD5
8318ec7b607f2fbbf4da7b27a9481572

SHA1
d96eeec491bf9f5c5ec5b5b96b34c5e396aa243d

SHA256
00a0208cd8399c449947f4841f17fafdf3f36d0bdf2a10e8fd8a9fc36990709c

SHA512
dcd98e8d1809f7ccb4596a404f097d8750414962dbc85157d7f7a6eeb580000e019c4e5b17bcd8b70c77469865a4cb1afbaa090c03075c2572a097088f199c60

Download Submit
/data/data/com.boostedproductivity.app/files/.com.google.firebase.crashlytics/report-persistence/sessions/66533E6D010B000110DB58AC3417E3A8/report

Filesize
746B

MD5
b9a9d7e98a5bd565f5ca4abb54597c86

SHA1
219dca410b250eb38bc7b0d13dab43ab147f1939

SHA256
b62b2d0a18605133b862545324ee6f99893e6f8160568785ff55412ab39a6117

SHA512
b0a4b2d80a1dc0bbde68eaf4fdb37943887c2016b60f6d6b160797ba5591e5e23a588cfcf24049791becc5c02cb1cc7e6f3a395918dc909d062d25640ce103a3

Download Submit
/data/data/com.boostedproductivity.app/files/PersistedInstallation1206537608973235720tmp

Filesize
90B

MD5
0cfcd50149723de94641eb0178b19323

SHA1
836e48b93edbc19ae322b0954e59793010d8a417

SHA256
e1144940faded43ef62358c35f00f65e3312e9ba6622879fe0d12c28d6a6b4a2

SHA512
ba477c2cc51955b5dba8db0a0a1f34d006ae90c137eab4864d39ae2d58f103f2bdde0626ff50a2cd4732adedeb3cc46fc0b217792d51cd65853ec32a4d68adcf

Download Submit
/data/data/com.boostedproductivity.app/files/PersistedInstallation924636997187883901tmp

Filesize
562B

MD5
280399b4fc055640110a33e463ba0fb6

SHA1
a4ab729dc7d0de5d30d5fec4c99ca7cb27a0dad3

SHA256
43e001e3daa03e913d175475e84d6aae7b301d72ceb86275951f59591c031ca6

SHA512
44cf751f70da8c9443997bc79f63c06ec9f309453bd1a3528602ecea15521812d6582c143b17475626dfc5095c578cda5bf5f00843db0021d37d46fcc5dd6568

Download Submit
/data/data/com.boostedproductivity.app/files/frc_1:142007999268:android:4aa819f34c0ab1aa_firebase_defaults.json

Filesize
887B

MD5
4a10b2c26e65d15a34ba6572f2d8ab18

SHA1
df6db7ec186b1d0d2dc28fe6026bd354293f1303

SHA256
531df969c1ec647a5527e7e118e1b6af3a232d562b4edf23bf0d79abbcba9fdc

SHA512
26a5d41fb24fb951a4b4fa0af943c80470a8457e2ca276cda4866a70db5698331ac2afe6c7d0c2fe4915cd788abc6c5c3ee86fd3c9c351602aaaec2e2c7d85e7

Download Submit
/data/data/com.boostedproductivity.app/files/frc_1:142007999268:android:4aa819f34c0ab1aa_firebase_fetch.json

Filesize
450B

MD5
6ae926cd32816ce0d2942ba33100f9f3

SHA1
147f91a7cd98a0611adeb05e64aa4faab1e153a0

SHA256
14c3f771ca07bef6ca58fd82119591203b67f4b351483245118a35cdc5dec15d

SHA512
40897f77fef871d84bd34189ca1786e5fa84088f1cb81ac00a0a3b0d48d722f3ea21f719cd3134eeb73dfa9804002e15796dcb0374d9e9834442054aafdb2806

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
2fc9329e5220906f725d6fd97541871b

SHA1
75209e3e06da94ccc321d6b1b375be976e43dd26

SHA256
eca9fe15055ad7aa0f6e4f5eb985c56b56b5de21905d83b3835955ed5ac5749c

SHA512
d555de755e78213c0dcb42b0e7cc3a26687bf02e7e926e60ceddffd82fb0ef4c21e4bd6ba259b110d6b7c98de566b89fed64be984af515ddfcd658870fc51bf6

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
9e96fabc801d1f3da5eb79a102871de0

SHA1
73cbfa71bbe21ac15341f1912ae9862b8f41eed8

SHA256
4ecc939317bb1e2d361ec0a1866a0ffd286e8cec776f0e4110092d5f307f1b11

SHA512
8efa9ad500f12efaab706fc4727d7008ef3cbb69f711866b672950b465d82b358d8435f15685908d598b4e8a4a36a30d66f07dbe9ef57cebebdd09092b8242eb

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
f91e9c8abcd03f3528bc747e3b0a0598

SHA1
27dbb46302934c1b0dfc16d60a20296cedddfe55

SHA256
d1a7369d4084817d0f7aa0006b7315d304a17f2c327c160734d8bba0135ab48c

SHA512
18301c36ca546bfb9645a144745beaa52448736a32783ca1b62b1c519bc989db1da5d29ce56178661a1dd826107a4bf33158784cd4577a267982c3a35e548650

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads