Analysis
- max time kernel: 3s
- max time network: 326s
- platform: android_x86
- resource: android-x86-arm-20240514-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
- submitted: 30-05-2024 07:03
Behavioral task behavioral1
- Sample: test.apk
- Resource: android-x86-arm-20240514-en
Behavioral task behavioral2
- Sample: test.apk
- Resource: android-x64-20240514-en
Behavioral task behavioral3
- Sample: test.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: test.apk
- Size: 4.4MB
- MD5: 87de9061f79da31d75a0da923a8c2f6b
- SHA1: 80c4e8751fd135290506274bab4fb7c684d189e5
- SHA256: cc3888c8f3f86da0ef2371aa60f12b6497dafaf46e9ec0f075d01558f8504eb2
- SHA512: 0b56dbfa91284d9a827a6d0966e11c962e43c69ab05a5c3cca58b8ffe8811df502eaa4e63c074f0d900305f8869ebfaba09b632a560214ca5bd4274df56220a4
- SSDEEP: 98304:VQKFyvdoilLUBGo7hD49YY170fHwmzIzBhTq0tAW2K2o9Br:VQayvdoilQDMYYpWHPzaJz7
Malware Config
Signatures
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.whh.premium
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.whh.premium
- Acquires the wake lock (1 IoCs)
  Processes: com.whh.premium
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  process: com.whh.premium
- Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  Processes: com.whh.premium
  description: Framework service call
  ioc: android.app.job.IJobScheduler.schedule
  process: com.whh.premium