069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466

Analysis

max time kernel
123s
max time network
155s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
02-06-2024 23:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466.apk
Size

3.5MB
MD5

0745501a1a2b190983832460e999f1a3
SHA1

913220e033309c7eb6f3dea22d0784786bd3e76a
SHA256

069d6258fdcf9b13fc9065fa58d4d6cf5a65849bcf74d5bdb154786c74577466
SHA512

570ba89fbdd180c761d924247361f49c322a5379e3a9212b284c6a30a486d92937bf0106c7e5f602f991bc731af1742eb87d7298409599c56bb0067512acc15c
SSDEEP

98304:RRyzvEWAG0/BrC1q5JmShKKlWqwiqddfYswZ:RRyzvBF0/BmA5JmOFWqw7dxYl

Score

8^/10

discovery evasion persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ticketcreator.barcodechecker
/system/xbin/su	com.ticketcreator.barcodechecker

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ticketcreator.barcodechecker

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ticketcreator.barcodechecker

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ticketcreator.barcodechecker

Checks the presence of a debugger
evasion

com.ticketcreator.barcodechecker
1⤵
- Checks if the Android device is rooted.
- Checks memory information
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4301

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
38a43bd21e44366cbdb49af8ba6a7b63

SHA1
2ef8d7c62f1958c294ec7ed5f0f00839ac6dfd09

SHA256
e36597134dc196e1b5c5cc5f8b7545e8cf3a0a5d1daf451d139efc982551d31f

SHA512
b0a02bf2f37b1fae2a18473b215300f6e67a173776542f4f2a80c0d42f123a3fa6d3128731404bc719c4d2c95a0e8420d5a8ba8e6636b4437201db6df42b1cfa

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/com.google.android.datatransport.events-wal

Filesize
68KB

MD5
05f5f03084a2b6cdbfd85e7a7a2dfd18

SHA1
459a59958b080f7eee804d4fbfac26563db88a6f

SHA256
6e1a9ece1825ff355d7108b81a207a4a4d66462c743a75529bccb4ac57c32ba2

SHA512
b7a39d97552846c6282128dae3c45e1bef70a1998e4b4c4327f5d65f96b0037b4a373ac1ecc5240aac5b5a319792803fbe2f66765b7404320a568aa15ce7a952

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c9f148f75a827f319ed838d4e53b3ec6

SHA1
0ce8adabeb5a0b1ea17595954876c19a1927f066

SHA256
1328f2d339b6397fae517278e0145c113533322e120c41bb2a6afda34b6f26d7

SHA512
351f06b7757917082ef2515cf5dc175d4415f9cfdf5de0ad11ccda2e1939af5944980014e8565683d59fd4e76adb7b609e9fe35ef590c8e12975c8248872c2b3

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7d219e8ddc50c51b6310d920be029b31

SHA1
0c97a8c2425a3dcf24587923b9f37dd8f76cb749

SHA256
6230f38213a3defa5e223a547eb063bbff595be00d3d69dac80880913c6e185b

SHA512
a5e83c4c357dd027bbc7c7918477b5a6aaa9ae2b31c56304e0cd6b62954e0160fa5e111c293dbb4f69bb8732b62c05694e80f39c3c31c10284ba1b7c7cebf149

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6cc67ab98b8733a790505b1d465902f6

SHA1
0b39f1dd5de955e11a3bccc14bf78834a6392a53

SHA256
b47d72a4931a1881cbd85e8f80887d4734495f7079b752198da1c7a3b65111ca

SHA512
433f63126539bd4deae2bcbf9eba8cb4535694fe5d85c4dedff6fd3108fa5da27d72aba46664a38ad36471cc5f058921dc906f34f4e05c79c041e63a84bb1bf2

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ddd7659eaa79710045194ea4a412f9e1

SHA1
3317fe467031d81b824038b09fb76c6d5c6f804d

SHA256
fbeba768d37b7cb50c9f6fcaf6e1b2cbf7918ae23ffcc2c9f0b44b290286416d

SHA512
45f9ad31a5a619f1d857e7f3cafe9d19f4e47883f9c52fb9085e75a229ef62a0959c3ac93dbfd925cda9b3b5f4034e60e201cf3a051bd0c9d25f28f210f77e51

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e881d9a01ca707bed38018ac69f4518

SHA1
5820f9351d7cc8082de6e5686eb9f8fedf6fb830

SHA256
4a5bf9bfe9b032546f886dd5fe6717de78716734aaadab620c0444ed6df5151c

SHA512
8f0395c94b3a449f3c61e7117f400c7b8a12c23d3655be6772bce2c8aa0ec8d8be8000c5cd2c6e10b334ef54a4add5583717393c3239da80c334c45b8b392db8

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
56a668084615af13a12cec2b1dc3b4cc

SHA1
5b3049c776858b64cf9398982e2bf267d9025f9e

SHA256
5485259e7f7b114307e134898ea1edffbcd1777c9a8748190fbddba24a52a30c

SHA512
0214499c69c125495bcdbe43dd058950c9461af6e646fe78ce3e1b9d1c84e40cd8f2f2d15c0afe595445e5a41fca565d3db2846a8f5e16cfefdbb46fc51018a8

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
190e0eac6c223b3363f616756750942e

SHA1
f401ea616c34160445a1ccd1a5ae1584a62d5b2c

SHA256
9030dcbcf28df669d8ea6a627c7d3c24aefc75aa66559ac8211ba75894d7a692

SHA512
53b287319b420933396c6b7c70e14c2ca744b02ac589ea78187eb0d7424cfe449d6bccf2cff0e78812afcad996ef3e542c62a0159a230c1001f4f78444c19e6d

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
3b4ae1c9cd764891e1b2f7380cd05474

SHA1
ec7afe1016cef9766a6d7d6dec34eb7565f7cf7b

SHA256
60424cd95475a1a6cbbc8a33a795a062c5abc28197cdd24f259e933ca417f32d

SHA512
165ee2a90b5bbec3373fe2a73d97c2a76905de923c785c7005764f5ea8c42df89d9f558052852674220af5861fc1b6672c85c5030fee261d27695bdcbcbed8c4

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
0cad5be14567536d580bbfd3a793c787

SHA1
9f8fc6d13fcff3190b52ba969717d013ae1f896b

SHA256
09046080b50212156efff4129dc0e70fa86b9f965a20799c86362bccefbcc8a9

SHA512
eb21e1a6f1a75e700f2f96ea1168bbfc25c24d5c5fe89a14feddab72057c974846424f77d8395fee2c8798f86f6471b0b02a496cdf6a24a09a9cbeecb2239502

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
90fdeb9dcfa24bb7f43a5a2201940bc1

SHA1
b581ac81400f31a2c0a3337fe7e93d4d8cf8fd9d

SHA256
2febb3744c1444f0546242aa3482b9066e005f17072a4143014a3ab95994e447

SHA512
de724a9bf488815f78e6350dfd5ac00bd2a0590212f03d573392877a3a0033fdf99738669e61e902e8aea05cd0f7aa57d7dd55f50c4cb55a80f397ea127255cc

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bd5a4bdae4576217e0c0eeffe055c34b

SHA1
d0a23e60d0b57b07371a5a70e5eb203380c31360

SHA256
271b48cfa97d7ed9ca1490205d20ebdac97c40e376568eee62c5281c129ee66d

SHA512
62434d3f11af9d132939becb802b68092c363d272a5866fd534230c71a7a275c1708a411202bf6e25a0cc120deac4d9503761572509a669571583c21994dd705

Download Submit
/data/data/com.ticketcreator.barcodechecker/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
7d6a14c9068a424f4e369239d0af3b87

SHA1
00c19a98a288db5e546b13006ad566d82d671975

SHA256
b62a49864666067a0ba6e60b179c4e8a9209d143f0f6b986db6f202ace627dbd

SHA512
22fef0039fb91ad86d2c92d3e98fd0229583c4249ac68247cfe8e6703ee4bf3743cf32f5730791f2bdb32ab0166a1e09d08771543427d4ec7e4bac803a7aee8a

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/com.crashlytics.settings.json

Filesize
728B

MD5
313e1174eb652bb27d86d64b6c4d5c0b

SHA1
d29ce8508dacdebf385be40aca9cd5ac5a613e85

SHA256
55f740279316d1789fefca62d203e906178e7a52dd6d30a4b9afe0e830da3a11

SHA512
44684230b98d50676cfa6093a73879382ac89d7499d5aedc7fd3c957d7b3802d96a145ee1ded2383d7a4e05d22b45476e46eb20c333abd05b8af80c2cdbc1977

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056702D2000110CD86180E044962/report

Filesize
741B

MD5
fca6e5fdbe9876481e7f33442920196f

SHA1
e8de375c2e02c63ced8761f4882ed182992ce1f3

SHA256
e372c00c06279a1c7737dd1e8e82d80038e855edb4cfe2a4aa38c668b2b8e9d6

SHA512
959cd1c2609f3556475c5d38b89ad8e395304133bd898eaff66262ed795144910fc8389afb63f60cea655f7d31f483253aabd813255caf0bf47bef31c6ee5f4b

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056702D2000110CD86180E044962/userlog

Filesize
182B

MD5
105f65e61db6fca8f51ac044d3ad49f1

SHA1
fa025ddf6f4b5800f0b1207f0db5794caff9dc87

SHA256
bc6aac276b03fb19da8cfceaa7441003f9cb0668d8b4d2df543b273e13ba1ce4

SHA512
53437596cce0ba24eac2abe0c567c0f73cfa5876d5c54041ba3ef2ff80d6a595cb405b6e4c264d0097802f8a3abc6c2d5de419efba5d945311a14a6a104cb63c

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/.com.google.firebase.crashlytics.files.v2:com.ticketcreator.barcodechecker/open-sessions/665D056702D2000110CD86180E044962/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation2457685328973801563tmp

Filesize
559B

MD5
38082908fc95c5eac6b603e4cf65cd0b

SHA1
c4cb8cee96e8bdfc10acf06f626f9de998fa247c

SHA256
49271be12157dc9df51c7f79f959a1a26618c54a85b6a8d4f7730b1427580a9c

SHA512
9ed4905d06b2c5d6daaf89d0fe702930fcccb0f525702e81f119b551acd6932bb2aa4aceb5e49e306237cce7f176d06000bfcf1ee42fd1d345e085557cf9f621

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/PersistedInstallation3423657791003451145tmp

Filesize
90B

MD5
7ae0b64cf9a4dc520bbdc9057d3e2cca

SHA1
a54d282832d5271084254d6d658563640f6a7892

SHA256
3b1a6c3458fbd450be468d4998f3ea30d3b77f2c0ce5b4deda4ad8e66722ec78

SHA512
6861c87c5aa5500b9f25c3b1b4d7af1289fd55e4ffed0c30c010f348e35645a231a6a5975eea781808a588b6ef669a9a782e0180fb56b8509eaece871fca3688

Download Submit
/data/data/com.ticketcreator.barcodechecker/files/uid.txt

Filesize
44B

MD5
9e4cff13f418594b769af01efe6bc888

SHA1
b54a5f55b468e314d39845d0562d2e573d02a65e

SHA256
1f41d77df2b14e9f00718c2b1af6082f7159dce34c7221202cfd66f95317ccc3

SHA512
3576592d2290b186aee532c08454220f45766de1a59162f01420ecbc72e3c6d6435fe206b353ee96bcbbc0b1d4169152c7eabdc4853b71ace1e4f0763c6372f7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads