0614226cde4e557699919924f92df3ef72ed24f396b21b333803436ba7a59130

Analysis

max time kernel
329s
max time network
361s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
01-06-2024 06:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

tsuki-odyssey-1.9.79-mod.apk
Size

573.6MB
MD5

f741a1484ecd9f86373fc552cde9b12b
SHA1

929fa42c2916acc100942bb76f5358783a140bfa
SHA256

0614226cde4e557699919924f92df3ef72ed24f396b21b333803436ba7a59130
SHA512

6d7a92b447bee78afcfe5a1e3c41d06ed0816dde54e65baed35253965a383fbed0269f9ca2c688440e9b3c153c4dc1decd826ace5be8fb3c9bdabdcf5bae3433
SSDEEP

12582912:a104oF7GOgGkESuYWGwzZYFyIDOLtZmSyM:R7GpESuYWFzZYFyKOB7

Score

8^/10

discovery evasion

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 1 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.hyperbeard.odyssey

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.hyperbeard.odyssey

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.hyperbeard.odyssey

Loads dropped Dex/Jar 1 TTPs 3 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.hyperbeard.odyssey/files/cc0df23e/cc0df23e	4680	com.hyperbeard.odyssey
/data/data/com.hyperbeard.odyssey/files/cc0df23e/cc0df23e	4680	com.hyperbeard.odyssey
/data/user/0/com.hyperbeard.odyssey/[email protected]	4680	com.hyperbeard.odyssey

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.hyperbeard.odyssey
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
PID:4680

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a334957fe98afc35a53bcb4223511d70

SHA1
0e940d830a150be1d2c6e9cb4eeaced69683ac9e

SHA256
1125c55abf1ca72aa75b5cb2c9e7feb10d3294293af9ea1d371b7ba2b46e3fa5

SHA512
a09c349fbfa9683b04d0cca6cfb7980ebd0a6eb95f184aae02ed273a2bd5dd825a79d3e2cfbd35164420ce43269d445c93c857ab2f514dfe428b2160bd25d2c3

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6678200147963001166bbdb039becb0d

SHA1
87861bd8638f94d2c92598346bf84b2890539463

SHA256
0c0597fd3b0c1321030dbbd5f7e20f9b1fbb62d3bbf7d4222a10a478967763c6

SHA512
81907c3201b457c682683caa877421b5fef10d79649fb0d7efe815c9672e91b2a7afa50894a287e660f25ea1e12db0c295716a0084e0aa47ad9b2f45877ca595

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
57db0be5802718c72be4124846f24810

SHA1
eb87ec0cb326be1a24a87ec4f2f35418c730710a

SHA256
cbaae52191dbf1c41acb78e342fdf19e6cc0313a98396a528c0e93863e33a979

SHA512
f888060cbadce79398d4b6b008cad66847521e0e3f29f770cb06d355f20388bce418f671b9f583df0b8b3016d7d97b9bef9b0a1298599b5ec92da57e1c9ad9ef

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b6ea8ed42035cd9a4f8fff05f27c1238

SHA1
18d281da6c1a031e6bd3e591921f82aa8360f513

SHA256
7b445c854b78d24f210033de815d7c8c915f85431170e7badc0a11cf151f8168

SHA512
c7d2da71a3921d79cd92c18a778b3f71763c8b405708ae495b47ba85ff399ebb71fe5d06db70408b397386be3880ce0ed7a789727314c7434da8ed62bec53ea9

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db

Filesize
16KB

MD5
96c97542c6cd8ffa7d6e17cb7ac302d6

SHA1
bdcf08fe94ebd04e447c69d6f7db6cf4cdd20e7d

SHA256
25af9fd7be8c86d65406720be06afdebf793499c561d913f7c8a9ae5869877a7

SHA512
5030805f0b022da45e6bb2ef792bfd3f2bc2a18ef2e6ef57f540a6c1a20647c3d4da6e5f344962c34407fea063a398a31bd304e4c4de4f8a2e874b0dd41baba6

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2e77132e7392ef41e9c168ec3be15c49

SHA1
9ea10cb14d6510c475d2289c73e5feabe53e28c3

SHA256
8e5c03de351ca71ce7d2170ae16ce7ff73b0288d2a1042fbdd16b6a910d7324b

SHA512
f98eb10cbc2e4ac25484c36e0e556c9b7257d9d4b31dc1743bb50c9402785a26fc08ed890271f26774e9a5d69e68a4f143463594cfd5f2011b26b34460fcf660

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
82525bd67f5eb525ef6aaf0519e6a30b

SHA1
2a533bbdb4d4c14727b14603a126fdbf54dfdd5a

SHA256
68060fa96a4190493eddda7eefc8b9b38c3a5afc0fb4e69efe86981eacfb84b6

SHA512
80a81352fa56f37ecf5b84671ab3ccf3e9e4459dad9fb11e8822db0c59d7b52cc846a05fa319c17a997ff2a645b7f827615fcadd9739eebda5352eb5642de0e8

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
a650ab59cb810445f166b009bd055277

SHA1
d2b11b86107e5845e0f05486509488cd9887074a

SHA256
15709265719ecfd6ce0fa0702bb245c0127bfe37c6e42c89ca3b07cc29845b83

SHA512
e80be643ccd0f9977d1a1fc9994948e9854034c4824563bb1b8f1903dc0845c7b29804c714299398e29800d5a438840ebe52b3ea77f98b901d21cdd1a5588237

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0d621848f026488b9dd9960a5e5287e2

SHA1
dcf1c51cdf7283178d74562b491922a4bceb3d5a

SHA256
0a0c9e3087f9dc12ff02f8dc5d5683a1b50bd72e3edb6bebe3ae5440ee6d61a1

SHA512
e7241b399d3b676882eb4995fc2e47a8180d7799a2bae667c0852ecc62bf3c1fdde5eedb1f0a9ec8175e36ce7b1f6cc5909b2542b0fc5305de8fd1b6a2812fc9

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3da4fdaa438d15aedd09ede551c1818c

SHA1
a0f8f2384645ad17271fc3df15b66ac61fc382d8

SHA256
85eb01549362fe5f909a87bb4c7e176c440bbcceba474847ffa2c7a8b10dd7bf

SHA512
ec4772a0516564f0b648916386fb1d42a7c25c555ead1e1eae0507966d4873f5283b0cad649819f552215009674a48b56f42aa0665517ace6e705757bde3105a

Download Submit
/data/data/com.hyperbeard.odyssey/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
91b7b222c5980b5d0484103e2f681539

SHA1
a0d590f13697c5f4dc1473f274968f8dae58e659

SHA256
ba1230cd5fa0fce7ef8c8e56abb7e7ec0689fdc2e6d0daefd17fb66a4784243a

SHA512
6bfddce5415014ae28a9d05c775d1c0043604721e9024e8da225af79530ef3153a9e6c03bac1bfa3e55361cf6146910b750d4b28eb98132f82b0d173f1420859

Download Submit
/data/data/com.hyperbeard.odyssey/files/6c255c4fe852798e78b27793047bd122

Filesize
125B

MD5
9807b9f5a5386875aa8d62eced368895

SHA1
b707c33f73e03de95e2a279af5cc3c679953fb40

SHA256
9239bb1ed77d8843631def7dab296cc31ea880340383db64494c0af93fada947

SHA512
bbce67a2b09779ac5bd2ed4ce215963c83af7a40cbbf5f7447beeda6d4ba3fbb97f238deebdd3ddc1d47777dfcf4567bd25204f30933663a173fe89f12fce662

Download Submit
/data/data/com.hyperbeard.odyssey/files/cc0df23e/cc0df23e

Filesize
234KB

MD5
b73b5935e521303f007d17f0fc8a95ff

SHA1
3f104866d06a7519ac683fb12c460044525381be

SHA256
3606fd9f3ff41975e6378263b75735f1c860be42abf921628c5b44f264576900

SHA512
33e755126745da69e446747fc9550d472bf68463c7c9d827e054d407d223e2af49c90dc16bdb4ab71c0d40b87c5e9ee7228a4aeed495e714c7806468845a81e7

Download Submit
/data/data/com.hyperbeard.odyssey/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
7c7367c55c5ff87681f447ef687c3390

SHA1
f16d14297a798a60fd893e47f3f62e6f2467334f

SHA256
77cb2ca8098806343753769b380157dcbbfb35aef5d22d84c0e093488b1f7bf0

SHA512
a477641175a8531f1cbe9fe8272951b0738f44b7784e4bf8c5b875112e1702ac4307da7899da3f1849cd54fb8b16a95c701936e2ddf721d28ab3f8a6fb1a68fa

Download Submit
/data/data/com.hyperbeard.odyssey/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.hyperbeard.odyssey/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
b98423fd2de0c35f0a68145e788df68d

SHA1
3217c8fab38683af3637e1d2bf126798534a8f13

SHA256
4b48909b6446e76665977bf22b1c587efb76b67c42cdbb5ba11bc5cd5c489037

SHA512
2ac7d72c957cfb62bc6112a72919c937411b0a5f54d9d6e19b5d38252b7558ff7c3ba41cc7f5e034f013bb9c3b5e342a2f7a98f3eccf51244a4cf581f18903a4

Download Submit
/data/data/com.hyperbeard.odyssey/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.hyperbeard.odyssey/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
1de53e0c7a1f3de8bc11c38beddf62ec

SHA1
bf0fa54a0e01d57641c3aed78266e00cd6fe1ed5

SHA256
9f0ec6eee6232a9a81dd88e3dfddcea09afcd91b58b710edf563bb6e4e584a1f

SHA512
84d3d40c9f0bceb3d840ad24d2bf57a1d6f7312e0d9b59a9ae776bd08f5d48e0f1705e089578d17ef1c92f3b69a7455577f9900f0025c33880448c123b2f6aa7

Download Submit
/data/data/com.hyperbeard.odyssey/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
5e9fccd8e6113ed9b61f823ddb2df13b

SHA1
b0720f2d25c1dd9b47b1ed688375c4a3f9d606e0

SHA256
69ae5abb55a395756a83255e08642e593e583c06f8b0e686194bd84d2535a2c6

SHA512
b7bcef31d208564d487f7037eb413e47724cea60d49f2941e8c7ada8ee0f35819ab6100b494b1cbbdeb5db43a38e8ca77f754327855196021a7e91a82ec9d6f4

Download Submit
/data/data/com.hyperbeard.odyssey/oat/x86_64/[email protected]

Filesize
951B

MD5
16bea3329e0e5fb8f8c0f99986a2a4df

SHA1
302eccd4a303ecaaad75ec5845e58bfaa5b33b83

SHA256
e5d6bac684273e93f0ac785b7c0b83ac36d2a9478b68ca6ea844cdddee6bf9d1

SHA512
7fbbb9d0b53f2e6c75a760ba20476ef5b479bfc204c381206a888272c2acf7579f6ac1632f4b021af1ac65a1ffdfd643e8fff4580c5208a3cc16b226c5e573a8

Download Submit
/data/misc/profiles/cur/0/com.hyperbeard.odyssey/primary.prof

Filesize
1KB

MD5
16a83c973e3688bdee3dc30b480feae7

SHA1
8f682fb4446d6c3a3772160e5a43724326d0d6e8

SHA256
5eaaaaa6186f8ff25de4b6599e8b6e04472d0053658126fdc4483db8fa0a58de

SHA512
72c1bc142d9f9836c74a00be2c6a75915eabd42d8b70d2f38874c931cbe00dac957bb0c0ead9b79c917997e0a91c3caed908be0373a8b80c110a9678f3cf754f

Download Submit
/data/misc/profiles/cur/0/com.hyperbeard.odyssey/primary.prof

Filesize
5KB

MD5
b8a20ad24eae2fa35e5654141bb3a34c

SHA1
227c2eb53abb73273128c7a38fc9b93818f3cc34

SHA256
444c425dd99d5c9b06daa3e0de967a75fe4cbc3befb8f40ecc686aaec7354e59

SHA512
dc361f71d223aca3e9ff2da35c1b323f5fb3b1e7215621ebb26d6048fd02a2b9c0b36724eabbdef0c0056702432afebdb4cc488240e7b33c14f065173752bc19

Download Submit
/data/user/0/com.hyperbeard.odyssey/[email protected]

Filesize
3.1MB

MD5
9b8164be4f0ffaedadc82125e5346c14

SHA1
c4bf7a6383958b493ed5c4dd6a19862d366fca4a

SHA256
8e632284c9b0180ef28e309b4b0f282ef608cfb9d9046df899d8bdac227ea9ce

SHA512
352b3e9ef70839d0850ff7ca4a1f19f3df546412ae5cac1243a80588e573fea6371edd4c408a2edf1b48d70a10a5cb579513d3cd38a4b5ccf4b7528dd28704a4

Download Submit
anon_inode:[eventfd]

Filesize
8B

MD5
33cdeccccebe80329f1fdbee7f5874cb

SHA1
3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe

SHA256
7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8

SHA512
991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20

Download Submit
socket:[98390]

Filesize
48B

MD5
c7c5fa41de02c603bdedbbe274bad404

SHA1
7adc886633d1b01579e12055f3cb75e8e4ff64b6

SHA256
2cc0dc0a12498e1e5764195e2f2653b920fcc422a06304009e642d35d6bee02c

SHA512
ab67bbbf1542649529419df48af11de455b4d1a59fbc64220fdcaf1542ec8cbf602d5396cdde07fbbec447d1b310ada2b031dec926eccb7d5736331ac93ec743

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads