561e4a360da1048aad44d97a4eff10c7a95133126316bfe93f6b5061aba9f6aa

Analysis

max time kernel
19s
max time network
152s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
26/05/2024, 13:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Boosted.apk
Size

5.9MB
MD5

064975c19037a3085b6d845a6f8d0f05
SHA1

131410e2de2a82f3ff533f81e9a8a6ae9214c10e
SHA256

561e4a360da1048aad44d97a4eff10c7a95133126316bfe93f6b5061aba9f6aa
SHA512

1b7074c72b82e0d3f60231f01969bb4a10c3b3da435a45da9c924b826f92f4f672f96775341df4ae3819240475fe17b3892e51f04c03ca2c01885996a295688e
SSDEEP

98304:A608kAmt3Bm9CAG+c1DNNrw9Hr3QANyFn7UsuqSOhMi64ag1BhfExcji6NsWmg92:S8kRtxICAG+YxYsAEnueSJyM2ji8JQr/

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.boostedproductivity.app
/system/xbin/su	com.boostedproductivity.app

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.boostedproductivity.app

Checks the presence of a debugger
evasion

com.boostedproductivity.app
1⤵
- Checks if the Android device is rooted.
- Checks memory information
PID:5118

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e777e8658a3d2a04de646c4d807b8038

SHA1
665a4b482197a9b67b30dd9efcfc44d7b02fedfe

SHA256
4a61884e88d953ca9bed7cc784a56e9f7cb45ec6a6f13dc93b008d4cba97ef27

SHA512
d34539be9cc61f05e5ceacc886f36e12ceed8074ccfce65f6d0ab9d7b8e3fdfba2e55901c16140d28f8bed2e5704a89192f6b24a072fec2a7e061f23ae72d43f

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
91e105c6f80d39c9b8473a80379fafb6

SHA1
d2f8c7217d0875e03252e08d832a8d2a6f646fd6

SHA256
e6f0e17586eb69ad431cbf2c44471145f2a8e21332ed8f29cefb3acc4cb263c1

SHA512
3f19d66bd83a46555ca16b04adaaf9fb8753f3ac325ae0e793fb85c6597e4dcfef23223089c379164cc381fc4ada575fc867168adc47f928d5742b4bfb55f553

Download Submit
/data/data/com.boostedproductivity.app/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
bfc1842d9ac5d6ec11474857e072a9f0

SHA1
fd0420e9265473b911e70bbcf41da52792814c00

SHA256
94052d7819bbd7168b9b202adcb715529549aa0a90a55d9065caf36aa88f03fe

SHA512
e85edeb9ab78c3082f690150fc25b75671b70e052648e2c9ca25159b96c391480a1a04a5dce2f903307a16f43fd6ab31f22be14acb9334637dbd403a0fd49903

Download Submit
/data/data/com.boostedproductivity.app/files/.com.google.firebase.crashlytics/report-persistence/sessions/66533E7402B9000113FE7CC384F7527A/report

Filesize
747B

MD5
e5669860d5e4864fa7cee1a860276499

SHA1
22913b1bff2bd324e1b23c2f85f1b569251a775b

SHA256
90dba52145f6e25ae8bce82c29274633dfd66333cb8817dc5867d9b3107b7169

SHA512
06d6cd36fa862389207601506a8f8ec3ef3e7285736e7fcd7f3c9bf8af20a4eda82511c833dd1a2c797b4c9dd4d4de6743d03621962465ac0fba3ba6ca133113

Download Submit
/data/data/com.boostedproductivity.app/files/PersistedInstallation7781837035638746852tmp

Filesize
90B

MD5
3647c7019c7ee8e2cd1b8b5dea303093

SHA1
3f71faa4cc34c6cd9cad09c03f801f664ea505d4

SHA256
f475d355d16e9b61799625bfeba414dafbf6db36d839de17a80aa1f4dbfa04f1

SHA512
519128e91b9e0e0a80f2a6caa191b568e473f26bfb0d5e74e535f816b25ba075c44bf535672c42eae16b38a8f07304db317626598b9648f101073daa23cee5b5

Download Submit
/data/data/com.boostedproductivity.app/files/PersistedInstallation796563889647100073tmp

Filesize
560B

MD5
70fc561a30c16249192c76579ce30846

SHA1
584c6da5d16472d7236c73838b8cd2e689c7c7f0

SHA256
c060fc4a3dbcf7de332f600725d3607d5bcddde1fdfa2b98ef4584e87daf205c

SHA512
f73ddaad6428e99809b80b7abe6eae2f31e3afc64523205810c9cdf82a3e20746dfa88264a32e70c437f9f5c4cb16bf28309e6859242ca3dd3dfb7930e8a0043

Download Submit
/data/data/com.boostedproductivity.app/files/frc_1:142007999268:android:4aa819f34c0ab1aa_firebase_defaults.json

Filesize
887B

MD5
4a10b2c26e65d15a34ba6572f2d8ab18

SHA1
df6db7ec186b1d0d2dc28fe6026bd354293f1303

SHA256
531df969c1ec647a5527e7e118e1b6af3a232d562b4edf23bf0d79abbcba9fdc

SHA512
26a5d41fb24fb951a4b4fa0af943c80470a8457e2ca276cda4866a70db5698331ac2afe6c7d0c2fe4915cd788abc6c5c3ee86fd3c9c351602aaaec2e2c7d85e7

Download Submit
/data/data/com.boostedproductivity.app/files/frc_1:142007999268:android:4aa819f34c0ab1aa_firebase_fetch.json

Filesize
450B

MD5
c3b5a4a5c126c15d497c86aff6346f2b

SHA1
49ec259656ab60c6a4d899455b1f284be6fa6b8f

SHA256
13ae82e99a611a02c1d6572831f7ab7e9c6de1302aaa42f84f44e314364a503c

SHA512
076054226a47adad1c8baceddc6b76a4c2a544e97b333c8f1bb34fe29b97f1d9d99e4d481c777e33a09ddffce62542402095034d0f2627fdb5e51c265d8a45b3

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
99016010bb5e79206c3c7b62cf071061

SHA1
a27ca781756b95d3d5b5aff762b4c745b57aeb7b

SHA256
7f5373a0bc569a6d2ef7bee8d0498addb09119bd6234726204159440246fcf79

SHA512
98713016dec3890e2809d4eb265f188abb6ea86664c30bcac23d5971b8c5ed1198ccea09247dbb094bef4db6d2f27879928235d26ed3a2670ec3485839874a13

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
9c1caba267352fc4109252f30dd74971

SHA1
7fb1d346677b795c2b653983019343248bd940ca

SHA256
4ad290433c10bd31daacf35f33e09f7de3b6e45784aa215e480db6324ece5473

SHA512
74ad62d4052b40558a3d177c8060a9b05b25ee205851afbed6f11be312c55b6f607c4cd6253fa5f117c32b0f7d3a1b889af918c99a2a5dbd775fa0a99d5b7d20

Download Submit
/data/data/com.boostedproductivity.app/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
3ade617209e171513999180174db5b5d

SHA1
8f13bac6359a83ee703c30918302d83637c84741

SHA256
5ed29776aa7e52e3aee40dbda4385d4954aa029fb5a6c77730cf2fa23f826aa0

SHA512
6291426d41328ae6f3086603471364d45ac573b1db2fa17ede58cb8757c5fcdec2d0fb49bffed8d4d34222edad6b34c4816bb1e3dea5d814cd8639485f354502

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads